Video_2020-12-22_20-56-26.7z
Changes to Registry keys (Run/RunOnce) to ensure the malware starts on boot.
The timestamp in the filename (2020-12-22) suggests the file was generated or captured in late December 2020.
The file begins with 37 7A BC AF 27 1C, confirming it is a valid 7-Zip archive.
Searching for embedded URLs, IP addresses, or Windows API calls (e.g., CreateProcess, ShellExecute).
The "video" executable may spawn a legitimate process like svchost.exe and inject malicious code into it.
Summary of Findings
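The 7-Zip signature check mentioned above, carried through the rest of the 32-byte signature header so that a truncated or corrupted sample is caught before extraction. This is an added example, not part of the original analysis; the function names and the sample bytes are constructed for illustration.

```python
import struct
import zlib

SEVENZ_MAGIC = bytes.fromhex("377ABCAF271C")  # signature quoted on the page
SIG_HEADER_LEN = 32  # magic(6) + version(2) + start CRC(4) + start header(20)


def check_7z_header(data: bytes) -> dict:
    """Validate the 32-byte 7z signature header and the next-header pointer."""
    res = {"magic": False, "start_crc": False, "in_bounds": False, "next_crc": False}
    if len(data) < SIG_HEADER_LEN or data[:6] != SEVENZ_MAGIC:
        return res
    res["magic"] = True
    major, minor, start_crc = struct.unpack_from("<BBI", data, 6)
    res["version"] = f"{major}.{minor}"
    # The start header (offset, size and CRC of the next header) has its own CRC32.
    if zlib.crc32(data[12:32]) != start_crc:
        return res
    res["start_crc"] = True
    offset, size, next_crc = struct.unpack_from("<QQI", data, 12)
    begin = SIG_HEADER_LEN + offset  # offset counts from the end of the signature header
    end = begin + size
    if end > len(data):
        return res  # pointer runs past end of file: truncated or tampered sample
    res["in_bounds"] = True
    res["next_crc"] = zlib.crc32(data[begin:end]) == next_crc
    return res


def build_constructed_sample() -> bytes:
    """Constructed test input: signature header plus a two-byte next header."""
    next_header = b"\x01\x00"  # kHeader, kEnd property IDs; lists no files
    start = struct.pack("<QQI", 0, len(next_header), zlib.crc32(next_header))
    return SEVENZ_MAGIC + struct.pack("<BBI", 0, 4, zlib.crc32(start)) + start + next_header


if __name__ == "__main__":
    good = build_constructed_sample()
    for label, blob in [("intact", good), ("truncated", good[:-1]),
                        ("magic only", SEVENZ_MAGIC + bytes(26))]:
        print(label, check_7z_header(blob))
```

A file that passes only the `magic` check carries the 7-Zip signature but has a damaged or incomplete header, which is worth noting in triage before the archive is handed to an extractor.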