General
-
Target
recoverytoolboxforoutlookpasswordinstall.exe
-
Size
839KB
-
Sample
230401-jaw9gsgf84
-
MD5
bcd11ebbaa06f6f3df4f84959f5b835d
-
SHA1
17bf8a8f06bc5edc9b76cfa38011baee0d413c80
-
SHA256
984d81d0eec2086985364a9f190a5a575e31740b171fb136e2e75a17c2ffde86
-
SHA512
4680186092ebe9b6a71e46a57c8382e5c83c7effad73b83887d1aebd4090e394dea748cc1fb9ea8a94ffaf1a3bc79c25f2e9aaa0ec9072c24f4fb038f7897a34
-
SSDEEP
24576:22UxSjabHuEXe4Sm3laMMuV4/V+8YaXav:22ou/ilD62aS
Static task
static1
Behavioral task
behavioral1
Sample
recoverytoolboxforoutlookpasswordinstall.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
recoverytoolboxforoutlookpasswordinstall.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
recoverytoolboxforoutlookpasswordinstall.exe
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-