Resubmissions
24-01-2025 12:21
250124-pjmz3azkaq 624-01-2025 12:20
250124-ph5hqazjhk 1024-01-2025 12:01
250124-n62lasyndm 424-01-2025 12:00
250124-n6gwwsxmas 1024-01-2025 11:33
250124-npc7dawpay 524-01-2025 11:20
250124-nfkvvsxlan 10Analysis
-
max time kernel
359s -
max time network
360s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
24-01-2025 11:33
General
-
Target
RuhsatBelgesi12ACE575 FORDKUNGA.rar
-
Size
547KB
-
MD5
7bca6bb94ae289df7f4e93af463f4baa
-
SHA1
919fbc6a305b54ae7d95179e5737dcfa7632fe13
-
SHA256
5de6fc51288473b4d652bc281af2bac6d8a5b3795d12d63fb8b50e08d5294ebb
-
SHA512
dad2d0b9c73060aa3e65a62e264c12430654754a0681119b816db705c25e6d385d0a55f97b3d0ea53edaf98701ddb338c64bf123243cb83d4a48dcb060711e68
-
SSDEEP
12288:xAiQsro08VCJ3hr0Duo1KdTZXltaaVGIq:x3roRVm3uDd1KzVGIq
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\RuhsatBelgesi12ACE575 FORDKUNGA.rar"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow