Overview

overview

10

Static

static

3

nedfe.rar

windows7-x64

10

nedfe.rar

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-01-2025 18:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nedfe.rar

  • Size

    2.2MB

  • MD5

    accc94d0684fbb9e043d2863696b5ae0

  • SHA1

    03a71e4036d8950907fd405381d5bcfea0c2c684

  • SHA256

    e18b6d133656117a09751990c173b1a19136568d455b5b0c10b5e3e91151915b

  • SHA512

    6c933dda5bdcd3ac0ba098198062b3f4a3d599a3104dc98a4bd66358a515c9d98cd79627d083aaf18c203b1b1708fd38ad11205fa7b2597a11f36e03029c4b2a

  • SSDEEP

    49152:uR7m07hzxQzTzgzLIgEEXKRGyLYvrv5xofaG/ZH1DejeD8mJ3mXQJmBo0:o0ALIgExRGzrv5WZVDejq2A6

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\nedfe.rar"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:4312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads