Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win11-20241007-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    30-12-2024 13:52

General

  • Target

    xyz4568.zip

  • Size

    447KB

  • MD5

    9a6400f8a9858df3bd3c96345d9a78d2

  • SHA1

    c3a9308b609ba0c94606e54da3b3c9619f2f189a

  • SHA256

    1f4a13e582334af11d54919f02f237821cb5be923e6e5c65b1837dcd0fe516f2

  • SHA512

    4897782c0c897a307d325b3dfeeb6e0534c7d86b000f00e86b40327d85739b51bbd068ca8b40a669024f0f1d187e6eb2d74212669a73155dc863edc3284c9ae2

  • SSDEEP

    12288:uzoljnMjhdmYkCRo2gfLc4G4rsNncix51tvtJLmg:6+Mddk2gTc4GRcE51h+g

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\xyz4568.zip"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3392

Network

MITRE ATT&CK Matrix
