Analysis

  • max time kernel
    95s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-01-2025 22:32

General

  • Target

    Comprobante_swift_9767864574756346523cc43546576ds8977564534253465789.7z

  • Size

    791KB

  • MD5

    eefe9cb1da2c5dc85184e4f47e5550bb

  • SHA1

    062563762fa1051449405812ae257dddb4c6694c

  • SHA256

    e446ae2fc3adac5f36700dc6c69efb421a569266cae84742e7027d6c980a0f6e

  • SHA512

    f085850f6402b957a7f048284131d7e4f3e696d5b6b4b4609bea1d93f61805af0451dc942fb24ee585b3e892c906284e13d5a95fc6097cb4253c2669f9bc3a44

  • SSDEEP

    12288:XpUqUQJx5t42kZqfYt6J5EquI6jDsjPeJA7hJDwN0Brp/Uga6ZRxzZ6ls6Gbpj:ZpUe5ePqfBjJj/hXZ9Uga6RxsGbpj

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Comprobante_swift_9767864574756346523cc43546576ds8977564534253465789.7z"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:372

Network

MITRE ATT&CK Matrix
