Analysis

  • max time kernel
    154s
  • max time network
    198s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250113-en
  • resource tags
    arch:x64, arch:x86, image:win10ltsc2021-20250113-en, locale:en-us, os:windows10-ltsc 2021-x64, system
  • submitted
    14-01-2025 15:18

General

  • Target
    Envio de documento OC016 PAGO192025.Pdf-password(Gzx04AuG).zip
  • Size
    867KB
  • MD5
    6a05299e86c2965a66294bdab1c3af40
  • SHA1
    997d8aef9dafe2759e1665748df130a65be05af8
  • SHA256
    11d8b7816c187d751da9c34ed7f37f335f177409b116581078864912c705cc2c
  • SHA512
    8d6f3c9c6bb9e2a20a5facb9aed22ad3f4ca2903515ecea12c46f41c6f10e76098e40e8a82fc4d368a7454ce9dfb98de42d4fa683434c7252386099f01bc28b7
  • SSDEEP
    24576:LVlHk+zb1sLP68N+J4KfjUfvw2n/j4Q03PJLKAgy+58:BH9yi8N+J5jmwU/j4QoOzm

Score
1/10

Malware Config

Signatures

  • Modifies registry class 2 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Envio de documento OC016 PAGO192025.Pdf-password(Gzx04AuG).zip"
    • Modifies registry class
    • NTFS ADS
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:1172
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2904

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zO494FE828\d789879fb4a6c42171f2cb73a8d85d094629eea7ae02f74d55263403b6358ef9.eml
    • Filesize
      866KB
    • MD5
      88c77cc2e6e9d9f6deb1f001910d4c2b
    • SHA1
      0f6fdcef13a6b1bc7f32598ee6e18693fd5566f6
    • SHA256
      185a044604b0a636b9da7f2406bfd4524df50287bcf694ed0b085770e5cbdad2
    • SHA512
      ce8c3add88bec211a1a977bdd1076690f58f18514f57d3ae7cae56680c4abe16e647b9f8019a246d1f6a29d5adaa18253aac6382469a3a493e0206ac1cffbae7