Resubmissions

31-01-2025 10:14

250131-l9xemsvmdn 10

31-01-2025 10:10

250131-l7qt3sspat 10

Analysis

  • max time kernel
    81s
  • max time network
    83s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    31-01-2025 10:14

General

  • Target

    Provadeidirittidiproprietchestaiviolando.zip

  • Size

    6.6MB

  • MD5

    514f6ef2a0510aa24e913ecd081cc137

  • SHA1

    0f61dd23e8c0dc2cd31a2f3da78c66a9a7c602ba

  • SHA256

    4345cdfa4a21ab91c144f93d77a4b4c94b732a98f38c0bb6aaa792810ee8bb46

  • SHA512

    fbac18b496a6dd8c668f938c5b6b0fd5e1f5cde9db5ce510a5c86729898938dfcea53ce72c3eee3477e4ca7d743c112749cd721404172878f61f29bd67448c01

  • SSDEEP

    98304:mrMSjP7idUYvi2GqVo19zhBwn2gvMjQfIv/WxmvC2S8M9dAcxkgu4qy0:mIYPkfq9jxgUjFv/EmvC2S80Aekf4qy0

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Windows\Explorer.exe
    Command line: C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Provadeidirittidiproprietchestaiviolando.zip
    PID: 2064
  • C:\Windows\system32\AUDIODG.EXE
    Command line: C:\Windows\system32\AUDIODG.EXE 0x568
    Signatures: Suspicious use of AdjustPrivilegeToken
    PID: 2348

Network

MITRE ATT&CK Matrix
