Overview

overview

10

Static

static

8

install.bat

windows7_x64

10

install.bat

windows10-2004_x64

10

install.vbs

windows7_x64

10

install.vbs

windows10-2004_x64

10

mailsend.exe

windows7_x64

1

mailsend.exe

windows10-2004_x64

1

rfusclient.exe

windows7_x64

1

rfusclient.exe

windows10-2004_x64

1

rutserv.exe

windows7_x64

10

rutserv.exe

windows10-2004_x64

10

vp8decoder.dll

windows7_x64

1

vp8decoder.dll

windows10-2004_x64

1

vp8encoder.dll

windows7_x64

1

vp8encoder.dll

windows10-2004_x64

1

Analysis

  • max time kernel
    110s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    17-03-2022 01:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mailsend.exe

  • Size

    1.2MB

  • MD5

    ac23b87f8ec60ddd3f555556f89a6af8

  • SHA1

    3cea6f84757d15ee8d7fa19d3dfc4992c50aa90c

  • SHA256

    80a1d0a15066c7af67cf5377e59e450c2a96018505236f8f3352173282b27ae4

  • SHA512

    57e67eab9c2a3b94161500eb0091533a539454e9bfddd47c61477299de9455b7ca11c498c5d8a7d77f4763a2053acb4ff96868a9313fede29969edc16d35b167

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mailsend.exe
    "C:\Users\Admin\AppData\Local\Temp\mailsend.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:3364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads