Analysis
max time kernel
842s
max time network
842s
platform
windows7_x64
resource
win7-20240903-en
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
18-01-2025 00:00
Static task
static1
Behavioral task
behavioral1
Sample
1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip
Resource
win7-20240903-en
windows7-x64
3 signatures
900 seconds
Behavioral task
behavioral2
Sample
1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip
Resource
win10v2004-20241007-en
windows10-2004-x64
23 signatures
900 seconds
General
Target
1737154984__«FîleReady▬PassWord▬Is☼◄172303►».zip
Size
407KB
MD5
ced26414ca3f2e9d6e330d76f9183f62
SHA1
f640e5339538a581d87c70b5046f109130c107d9
SHA256
75026653cd9be402306f50674ed7f8abead6d29517b76cda4a30ff1328798f3b
SHA512
be7e1e3f3ce3a1b8316fcafd1afb02155df31a7e38fd439d3c9c2c79b20f07ae94c7953ba363e94eef1c39bd46198c0d826f9632f4e5bae962450a5a052ec0a8
SSDEEP
6144:FW1lD8lJNW/1ny1qK2DpyKs2MVUGE1tg+El92nLKq4BDr6iJW/GsF02gjOtW5Ap1:krCoNhgKs2MWgJl9xKiJW+A02yV6a+
Score
1/10
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam
1 IoCs
pid     Process
2896    7zFM.exe
Suspicious use of AdjustPrivilegeToken
2 IoCs
description                  pid     Process
Token: SeRestorePrivilege    2896    7zFM.exe
Token: 35                    2896    7zFM.exe
Suspicious use of FindShellTrayWindow
1 IoCs
pid     Process
2896    7zFM.exe