Analysis
-
max time kernel
92s -
max time network
134s -
platform
windows10-ltsc_2021_x64 -
resource
win10ltsc2021-20250314-en -
resource tags
-
submitted
22/03/2025, 22:33
General
-
Target
R.E.P.O.v.0.1.2.co-op_02.rar
-
Size
358.0MB
-
MD5
c4f6bba19690b8eca8416aceab8eb6c4
-
SHA1
37cedee608cb68fff0d37c37924c3575ce292f7f
-
SHA256
67d1d7881e51d02af2ff5726bee7ea59a5b561cc9f9b91a4b1eaf5052e9c80b6
-
SHA512
81a4d7f0fb50d7c61159e99880b71cb6e0082f34382dc7c8f98607d2d3a8fe31e0efb63ba402790549da76ef7ffcc47d18a1e6527b9e32aab3704badfff07c01
-
SSDEEP
6291456:77N8CpCR0cxfYCyGXXvPp215QUvvLtXRnZbk6yULGbjWr2M/RZYiDewvto:7q0CR0CfY9GPPpOQsvL5/wULGb6lXYio
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 3 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
Processes
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\R.E.P.O.v.0.1.2.co-op_02.rar"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵