Managed XDR

blk.zip (ALPHV) — malware analysis report

File info

Filename: blk.zip
File type: Zip archive data, at least v2.0 to extract
File size: 1.5 MB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 3297b99a5d9a0c1ca4bcdd59c6bcfbad3655bbd2
SHA256: d6c26344396216887fe3cdb36f0529754a7fd474a873c7791640159da5f310b6
MD5: 99ef592f88181a3c0526c30ad5813104

Malware

  • ALPHV

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
ce_info: Blackcat Configuration Data found
only_exec_in_archive: The archive contains only an executable file
no_graphical_activity: No graphical activity

Related reports