Overview

overview

6

Static

static

INVOICE AZ340098.exe

windows7-x64

3

INVOICE AZ340098.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    INVOICE AZ340098.exe

  • Size

    96KB

  • Sample

    230202-fy99gafb38

  • MD5

    6cb19652cca7715b5bfdbab9dd37b5c9

  • SHA1

    974ddadb8e316cb800cf8cfde95f22a17ea1fd52

  • SHA256

    b9ce22d86ba1fd0268708a85e302d079f4aea92d36334b385aac28465cf67e9d

  • SHA512

    83d395c6d457f40341ade28db7b1ed9bbb19e92d246a4a5918ab9c268cdcc5d62cd1305117fa9c2a0d4177119a280aeb775d76e603793a01e1667f4533ae0347

  • SSDEEP

    768:O++rN0JFuOPIkzhNM75NbcVfup+btYAJHa4H:OBN04kzjUcVfupotYyTH

Score
6/10
collection

Malware Config

Targets

    • Target

      INVOICE AZ340098.exe

    • Size

      96KB

    • MD5

      6cb19652cca7715b5bfdbab9dd37b5c9

    • SHA1

      974ddadb8e316cb800cf8cfde95f22a17ea1fd52

    • SHA256

      b9ce22d86ba1fd0268708a85e302d079f4aea92d36334b385aac28465cf67e9d

    • SHA512

      83d395c6d457f40341ade28db7b1ed9bbb19e92d246a4a5918ab9c268cdcc5d62cd1305117fa9c2a0d4177119a280aeb775d76e603793a01e1667f4533ae0347

    • SSDEEP

      768:O++rN0JFuOPIkzhNM75NbcVfup+btYAJHa4H:OBN04kzjUcVfupotYyTH

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks