Overview

overview

7

Static

static

3

9009f15a44...08.exe

windows7-x64

7

9009f15a44...08.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Outlook Pa...lp.chm

windows7-x64

1

Outlook Pa...lp.chm

windows10-2004-x64

1

OutlookPas...ry.exe

windows7-x64

1

OutlookPas...ry.exe

windows10-2004-x64

1

libpff.dll

windows7-x64

3

libpff.dll

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    9009f15a4461948da35b8c6250cbba08

  • Size

    1.8MB

  • MD5

    9009f15a4461948da35b8c6250cbba08

  • SHA1

    f1bb4b479b9488d7ba7322c83b2d4670f4694e2e

  • SHA256

    cda5bc0b3aa9f0005652490e042594662f14929b78d324d47ff77e8ce902bd42

  • SHA512

    4b72ff3be6f4ff8126d35216a3779573060b79fbea3ad4108153205a73cf574d0929fa733066408d4659e3f828c6cdffff2a1bd400c5dbee1d0839fb756396c4

  • SSDEEP

    49152:Du8cJENxa5PxQ4WLdWIPJ26JwtD0KTB8ntgeNA9ODsfgEsMJc:DuDCNUpxQjdJ9JwthTB8ntgeN/DsfgEU

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 9009f15a4461948da35b8c6250cbba08
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • License.txt
  • Outlook Password Recovery Help.chm
    .chm
  • OutlookPasswordRecovery.exe
    .exe windows:5 windows x86 arch:x86

    a2c82768106499475956b979747413af


    Headers

    Imports

    Sections

  • image/AboutPST.bmp
  • image/Bottom.bmp
  • image/ButtonAdd.bmp
  • image/ButtonBuyNow.bmp
  • image/ButtonCancel.bmp
  • image/ButtonClose.bmp
  • image/ButtonEvaluate.bmp
  • image/ButtonExit.bmp
  • image/ButtonMin.bmp
  • image/ButtonOK.bmp
  • image/ButtonRecovery.bmp
  • image/ButtonRemove.bmp
  • image/ButtonRemoveAll.bmp
  • image/Left.bmp
  • image/Right.bmp
  • image/Tab_button.bmp
  • image/Thumbs.db
  • image/Top.bmp
  • image/TopAbout.bmp
  • image/TopBuyNow.bmp
  • image/TopFound.bmp
  • image/TopRegistration.bmp
  • image/about.bmp
  • image/buynow.bmp
  • image/help.bmp
  • image/left_panel.bmp
  • image/list_hearder.bmp
  • image/register.bmp
  • image/top_background.bmp
  • image/top_panel.bmp
  • libpff.dll
    .dll windows:5 windows x86 arch:x86

    02b87b1d9b71f411ff1231768654ba41


    Headers

    Imports

    Exports

    Sections

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections