e883775711e2df54fc98181d782ede135d1b5e212594fe59cb9e75be5cdfaaa6

Analysis

max time kernel
424s
max time network
426s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2025 22:12

Target

installer_1.05_36.9.zip
Size

20.8MB
MD5

e866021c606a52158525d4f2df67a5cd
SHA1

bdb711c91b37bcf9306d53c396441eab5d0f4fbc
SHA256

e883775711e2df54fc98181d782ede135d1b5e212594fe59cb9e75be5cdfaaa6
SHA512

61432fdd6a5a7744ed37359cbe98786981fed6fc32795179267a571904323ea69c500b3c2cb5bd2c6572d34c212ed9bb1c1d9e5a73c5e27d95d8c8989ea7f569
SSDEEP

393216:NZmphOyRvFL6UdiB5nFxhmRvmJiS7+dMA/bYomtmx6YDjN1fxRS:NZmphOyRtJiBHKR+4MA/EpQvPxQ

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4812	winrar-x64.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2484	7zFM.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

Suspicious use of FindShellTrayWindow 4 IoCs

Suspicious use of SetWindowsHookEx 3 IoCs

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4060

C:\Users\Admin\Desktop\New folder\installer_1.05_36.9.rar

Filesize
17.3MB

MD5
19f6ca66f86dd36182837b1e5845e2c7

SHA1
df171122405698b7dd482a41beb1dbd614168fa4

SHA256
11874068ef0e522730f49d405fd2b66fd54bfd692217ba75b53fcfbbe628e47c

SHA512
40319a21e9e3805ec43a63b75b88018eff9e42558743b8592003560d5d21b179cba319252d5398b41d06dd1bdf56bb99db0d77160e35fd56d97b3bdc78f632b1

Download Submit
C:\Users\Admin\Desktop\New folder\winrar-x64.exe

Filesize
3.6MB

MD5
517023aad9ad2f3200057ce0b704e196

SHA1
7612058b5f0f87327b2957d5da63a2c6e65b0ea1

SHA256
de1d9040786c80f3f40f41c98aa1f6b14fc7b6f2d3db09eceadd340327164f8e

SHA512
bef1b7268d8c2c1f6c900fe392ecf11d2cd518dfa9944fb77c29c2306d20d89052a39c45d689054173ce866be1e93d4b3097131a120cd7567092527e1f50b3e1

Download Submit