Overview

overview

7

Static

static

1

Елект...��.rar

windows7-x64

7

Елект...��.rar

windows10-2004-x64

1

Елект...93.txt

windows7-x64

1

Елект...93.txt

windows10-2004-x64

1

Resubmissions

22-01-2025 06:59

250122-hr77mstphv 8

13-01-2025 11:48

250113-nyfc4a1khx 7

23-12-2024 21:41

241223-1jv68asmbl 1

Analysis

  • max time kernel
    148s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    13-01-2025 11:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Електронний платіжний документ_384783/Електронний платі�.rar

  • Size

    106KB

  • MD5

    6a7a421b9cb4d94f9e45508d2b97f50d

  • SHA1

    73f0b4aae8c22cf1b4b06fcf187c00df72f5856c

  • SHA256

    dd58a12e80fa9914419db7eb5a571bc3ebcdaacad17505d03369531d5b33ecdf

  • SHA512

    45e04f5aadd84012a3bb133088408a39cc736c4653528e0783c38002a413e0349850f50862b792dc6cbe0f561e7bfe5802343dbc6d52ff43643e38c9987940bf

  • SSDEEP

    3072:o1egkeFkCg78J+YCSii28tODZUB/mNAT4IGhrpy:fgBkCg7vpmOK/1T4IGW

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 12 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 7 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Електронний платіжний документ_384783\Електронний платі�.rar"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1748
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2928
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x4e8
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2712

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • \Users\Admin\Downloads\Електронний платіжний документ.pdf.exe
      Filesize

      159KB

      MD5

      7070f4f3af9ebc5619d62c1fcba6113d

      SHA1

      7176ce3982b651d04c4cf1b171bf930ea5a72ceb

      SHA256

      316d5c59f698a69c054680ba57b029da7fb3d947f652d0a8461a0503da27c1fb

      SHA512

      9bd6dc4b1ac830d42ad0aa15b7bb5df172fc56126b624abf5c7351276b6eb283f347a046f17b28ddbf9d0d787e94c2915b1db0a99e4058297fc6bdd4035e13f1

      Download Submit