Overview

overview

10

Static

static

10

Collapse -...1).rar

windows7-x64

1

Collapse -...1).rar

windows10-2004-x64

1

Collapse -...se.exe

windows7-x64

10

Collapse -...se.exe

windows10-2004-x64

10

Collapse -...er.dll

windows7-x64

1

Collapse -...er.dll

windows10-2004-x64

1

Collapse -...ne.txt

windows7-x64

1

Collapse -...ne.txt

windows10-2004-x64

1

Collapse -...pi.txt

windows7-x64

1

Collapse -...pi.txt

windows10-2004-x64

1

Collapse -...sh.txt

windows7-x64

1

Collapse -...sh.txt

windows10-2004-x64

1

Collapse -...rt.txt

windows7-x64

1

Collapse -...rt.txt

windows10-2004-x64

1

Collapse -...ve.cmd

windows7-x64

1

Collapse -...ve.cmd

windows10-2004-x64

1

Collapse -...rt.dll

windows7-x64

3

Collapse -...rt.dll

windows10-2004-x64

3

Collapse -...32.sys

windows10-2004-x64

1

Collapse -...64.sys

windows10-2004-x64

1

Collapse -...pi.exe

windows7-x64

1

Collapse -...pi.exe

windows10-2004-x64

3

Collapse -...rt.dll

windows7-x64

1

Collapse -...rt.dll

windows10-2004-x64

1

Collapse -...64.sys

windows10-2004-x64

1

Collapse -...pi.exe

windows7-x64

1

Collapse -...pi.exe

windows10-2004-x64

1

Collapse -...es.txt

windows7-x64

1

Collapse -...es.txt

windows10-2004-x64

1

Collapse -...ne.txt

windows7-x64

1

Collapse -...ne.txt

windows10-2004-x64

1

Collapse -...pi.txt

windows7-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2025, 07:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Collapse - update3.5.1 (1).rar

  • Size

    1.1MB

  • MD5

    929c2c8c3f5e55f2a1ddfb0f94d2aacb

  • SHA1

    2b2bb3c45ab3a62c9f24c9f381456ecc7a180875

  • SHA256

    c5d9566e11938490f3e49f34b61ae47225b10833d9aeba17c92c7119c6a16a7b

  • SHA512

    da8ea37abb8d435f565987af419cc83875c5c9fa89fe0df7c263a4eed72726c3b495b5648f4327a4d103f5fc9e2b496641d5046e289a3385c009909d8e106436

  • SSDEEP

    24576:biF/XzqHvygSUaTYRAdzJbbSyWDhBBAWaVEUggSWVLMtw:w/uHv9SJiAdz9Z8BBRXgSWVmw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 41 IoCs
  • Suspicious use of SendNotifyMessage 39 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Collapse - update3.5.1 (1).rar"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2364
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2688
    • C:\Windows\system32\taskmgr.exe
      "C:\Windows\system32\taskmgr.exe" /4
      1⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      PID:2596
    • C:\Windows\system32\UserAccountControlSettings.exe
      "C:\Windows\system32\UserAccountControlSettings.exe"
      1⤵
        PID:1808

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1808-3-0x0000000000290000-0x00000000002A0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2596-0-0x0000000140000000-0x00000001405E8000-memory.dmp

        Filesize

        5.9MB

        Download

      • memory/2596-1-0x0000000140000000-0x00000001405E8000-memory.dmp

        Filesize

        5.9MB

        Download

      • memory/2596-2-0x0000000140000000-0x00000001405E8000-memory.dmp

        Filesize

        5.9MB

        Download