Analysis
-
max time kernel
91s -
max time network
92s -
platform
windows10-ltsc 2021_x64 -
resource
win10ltsc2021-20250128-en -
resource tags
-
submitted
07-02-2025 02:19
General
-
Target
250206-mp7kjstrgr_pw_infected.zip
-
Size
28KB
-
MD5
c7d1c8611f63692e0a2a5fbd08e03164
-
SHA1
8c26469824c76b5b6d71ab870a8d0216850825b8
-
SHA256
93e6ca53275d1f61640090affcc6f90bf9e7c4ba9d2f09d80b16f52468b61913
-
SHA512
7ecedd8a84efa6dacb50edd90d07af77bc462cbd624dc9ee02992c11d4d47b543bab5b546278d9085f1d6b4e05362a9e9ba95ff73d63a0fce015824c7b47ed30
-
SSDEEP
768:S3ngWFx/mM+KUzsowtjXmjCEHKBIUfJ66dxO07WiEgUF:0hBTUzsooDmjtUx66rO07KgU
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\250206-mp7kjstrgr_pw_infected.zip1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\250206-mp7kjstrgr_pw_infected\" -ad -an -ai#7zMap19787:138:7zEvent89411⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow