Overview

overview

10

Static

static

3

XPO Invoice PDF.exe

windows7-x64

10

XPO Invoice PDF.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    157s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2023, 21:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XPO Invoice PDF.exe

  • Size

    987KB

  • MD5

    4cac3c740dc5c38cbe667df5a0293927

  • SHA1

    4524d1c0aa6a3e18c2583cba53514c24d4f3841a

  • SHA256

    837e9b44da47b21ddfc5b5441882c69794feb3fb6327517bfd38af9cee96ab86

  • SHA512

    4fe8872e7d1b9d679d43ee6c1928da1c2101960b1f49d0b05c4d3c635fd07d773a4b32c663b784d5a75fa2db0a3c66e23dd2f23aa505c066ad63f47fc2ac7de3

  • SSDEEP

    12288:uXO6MavWMO6MavW8TeRoqr+ZA9IJwjvd0CVq:uXO6MavWMO6MavWKqaA9jvd0C

Score
9/10
evasion

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\XPO Invoice PDF.exe
    "C:\Users\Admin\AppData\Local\Temp\XPO Invoice PDF.exe"
    1⤵
    • Looks for VirtualBox Guest Additions in registry
    • Looks for VMWare Tools registry key
    • Checks BIOS information in registry
    • Checks computer location settings
    • Maps connected drives based on registry
    PID:2316

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2316-0-0x00000000747F0000-0x0000000074FA0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2316-1-0x0000000000D80000-0x0000000000E7C000-memory.dmp

    Filesize

    1008KB

    Download

  • memory/2316-2-0x00000000058B0000-0x000000000594C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2316-3-0x0000000005F00000-0x00000000064A4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2316-4-0x0000000005950000-0x00000000059E2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/2316-5-0x00000000747F0000-0x0000000074FA0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/2316-6-0x0000000005830000-0x0000000005840000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2316-7-0x0000000005890000-0x000000000589A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2316-8-0x0000000005B40000-0x0000000005B96000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2316-9-0x0000000005830000-0x0000000005840000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2316-10-0x0000000000F50000-0x0000000000F64000-memory.dmp

    Filesize

    80KB

    Download

  • memory/2316-11-0x0000000005E10000-0x0000000005E76000-memory.dmp

    Filesize

    408KB

    Download

  • memory/2316-12-0x0000000005330000-0x0000000005340000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2316-13-0x000000000CEC0000-0x000000000CF26000-memory.dmp

    Filesize

    408KB

    Download