Overview

overview

7

Static

static

1

Nueva carpeta.rar

windows10-ltsc 2021-x64

7

Nueva carp...er.zip

windows10-ltsc 2021-x64

1

Discord-To...ignore

windows10-ltsc 2021-x64

3

Discord-To...NSE.md

windows10-ltsc 2021-x64

3

Discord-To...DME.md

windows10-ltsc 2021-x64

3

Discord-To...ain.py

windows10-ltsc 2021-x64

3

Discord-To...ns.txt

windows10-ltsc 2021-x64

1

Nueva carp...64.exe

windows10-ltsc 2021-x64

7

Resubmissions

31/12/2024, 03:26

241231-dzfp5ssjer 7

31/12/2024, 03:23

241231-dxrpmavmfy 7

31/12/2024, 03:22

241231-dxckps1rgj 7

31/12/2024, 03:18

241231-dt4j1s1qgj 7

Analysis

  • max time kernel
    1110s
  • max time network
    1114s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241211-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    31/12/2024, 03:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nueva carpeta/Discord-Token-Joiner-master.zip

  • Size

    3KB

  • MD5

    174ae01f2c742de32a737d71e7ab6a18

  • SHA1

    cfe6020fd588bac259b2d711a4b4c409be304333

  • SHA256

    4d330de4cd281e28ce39e9da9a44f73c5bcc0ec256983c0b1f51eed2fb293943

  • SHA512

    25d092cd5447379ec0aa28d5a88168c12f8313b3fb1686504c89d814cccce6a18e9d68c14cf55a8c73c49f56c19e09fd5474edade486ea0cc987b4817618f833

Score
1/10

Malware Config

Signatures

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Nueva carpeta\Discord-Token-Joiner-master.zip"
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:5092
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=5020,i,14915339153108214952,13513928827091056845,262144 --variations-seed-version --mojo-platform-channel-handle=4080 /prefetch:8
    1⤵
      PID:3020
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=4900,i,14915339153108214952,13513928827091056845,262144 --variations-seed-version --mojo-platform-channel-handle=3704 /prefetch:8
      1⤵
        PID:5052
      • C:\Windows\system32\OpenWith.exe
        C:\Windows\system32\OpenWith.exe -Embedding
        1⤵
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:940
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --string-annotations=is-enterprise-managed=no --field-trial-handle=4016,i,14915339153108214952,13513928827091056845,262144 --variations-seed-version --mojo-platform-channel-handle=5184 /prefetch:8
        1⤵
          PID:1892

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
          Filesize

          28KB

          MD5

          408462137e2f6231ac6f44c2ce4eda7d

          SHA1

          be21d0d6cb93232ab0f4e1bb66184ca7c495e242

          SHA256

          7541ef3b7e31151d568c3cb18f8e5098b79c8cbb3f0935a86d6912e9f3a2d9c2

          SHA512

          a6d7d2942fa48b2f55d52c4dc731dc754cb59e4a0fcbbb78b3deb128bf92aa504ebdfa31e74b9f4572a0fde735f4c792b4822b5eaa6134f14e6b9f3c9cd3a926

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\7zO4E31C7CA\main.py
          Filesize

          746B

          MD5

          58f14c91101db143b0a90fdc8b1bf9b4

          SHA1

          e3abd4d335d709118b615100cf57e648e9cd2b1a

          SHA256

          b88dd5fea640870cc0ccbe582db0aa3fde782ce3978c76fcb5cf9425102ea919

          SHA512

          683cc70a60867635a4b8473e71a3c5f47e9de1387e49da540dd031437e1fac67de2d9d859f708eb555922a8be19a7d2296460980d6ff4d322d5dfdc6cfac52db

          Download Submit