cf48e7a28c8a3cf6787c5eb193bbe23c0c17fa5716c297c23316972e6c0d6b60 | Triage

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04-01-2025 20:36

Sharing

Report Analysis Logs

General

Target

StakePredict.rar
Size

2.2MB
MD5

9318442bdd24d1837eda79c1f7f7bc2e
SHA1

c3bb4d657b336ccd8a0d2cd34d993fb88b6ab7bb
SHA256

cf48e7a28c8a3cf6787c5eb193bbe23c0c17fa5716c297c23316972e6c0d6b60
SHA512

50e74264099db82e72e2ccd7673654a96182975fba1f84859b6dbfbac78318cbf31c352f4eeee446b12da1b2d3f56aa2d3c8d45f9de3dc3b3eca0b1e7765fa71
SSDEEP

49152:jU1MLxRC0Pisl1WFn9VZAAoi2RFM/672XBGwBYDKbQFZ6HCT11:jp3WNhQ6jX8wBO8QFZN51

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	4072	7zFM.exe
Token: 35	4072	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4072	7zFM.exe

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\StakePredict.rar"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4072

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads