Overview

overview

10

Static

static

10

097bfe2e3c...d6.exe

windows7-x64

9

097bfe2e3c...d6.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 01:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    097bfe2e3cdd04c3348917d1b7c264d6.exe

  • Size

    47KB

  • MD5

    097bfe2e3cdd04c3348917d1b7c264d6

  • SHA1

    83eb293f422253b5453760d60d13930e68d1ab4f

  • SHA256

    f0a0e3459bb57d79b2fbf161b79263185431fa8834fb902804a633c01f4c711c

  • SHA512

    68243ef7c65d26eaaff047c82bdc12890c3fc0924973bda740c835a91eca4a09206ae256513466bdcb8a8ab86fd93bed9860bc444bfa38cf379562b6c25d33fc

  • SSDEEP

    768:bKKJjFD7ORPrXNeYJ9PSq4qjbQ9JsPMUydwt7S5EG/9qur6EYBR3Cd:DlFDOzd5994qjbQlUydSoR6EY/C

Score
9/10
collectionupx

Malware Config

Signatures

  • NirSoft MailPassView 1 IoCs

    Password recovery tool for various email clients

  • Nirsoft 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Accesses Microsoft Outlook accounts 1 TTPs 1 IoCs
    collection

Processes

  • C:\Users\Admin\AppData\Local\Temp\097bfe2e3cdd04c3348917d1b7c264d6.exe
    "C:\Users\Admin\AppData\Local\Temp\097bfe2e3cdd04c3348917d1b7c264d6.exe"
    1⤵
    • Accesses Microsoft Outlook accounts
    PID:4176

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4176-0-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/4176-1-0x0000000000400000-0x000000000041D000-memory.dmp

          Filesize

          116KB

          Download