Overview

overview

6

Static

static

3

Outfit_Editor.exe

windows7-x64

6

Outfit_Editor.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/04/2024, 09:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Outfit_Editor.exe

  • Size

    1.6MB

  • MD5

    73168ce148a27ee9e5e077fb149d31b3

  • SHA1

    7c1ae2d81a6a1ceb9fdf70152847d771a861156c

  • SHA256

    1d196fdc058f66fbf367ba82280d018150627f053c3736430413cce6534cf776

  • SHA512

    e810cdb3bc860e88067e69c46e01bd8339452273bf0dfffe77519af51a9e6936f3f91013d189f710c8be28cb455891c81c0a4b9bfe1abd5074e65c9a0c4aa7a1

  • SSDEEP

    24576:tURW3fnfX4JKI7YkhCL7zsnoNT0bxteS7QpFZIdZGT01O/D67p9LVcxo5:KKn4R7HEzss0bnjcJWGUQD67XL9

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Outfit_Editor.exe
    "C:\Users\Admin\AppData\Local\Temp\Outfit_Editor.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4304

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\508f9338-bcae-45ab-8576-1d09cb64fa59.ini
    Filesize

    613B

    MD5

    2187ab63d804214087f85f0bbac480d5

    SHA1

    ddc2fea3beb8064feb257f464898b31725561f63

    SHA256

    71947db6210a8dc9b1a8b1733a9f2cde04e2e5def929d5321c1da298e869dc17

    SHA512

    a33f77ce352d12cc46137f64d83ff3a5de134ca500f56bae26737b80b0b03faf518fbecf48c23633b73690ff98e9e17f2bc02380dc44c93610085c9ae7ab38a6

    Download Submit

  • memory/4304-8-0x0000018FEE890000-0x0000018FEE8C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4304-1-0x00007FFC77050000-0x00007FFC77B11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4304-3-0x0000018FEC0F0000-0x0000018FEC27E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4304-4-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-5-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-7-0x0000018FEE840000-0x0000018FEE848000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4304-2-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-6-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-9-0x0000018FEE850000-0x0000018FEE85E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4304-0-0x0000018FD0120000-0x0000018FD02B2000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4304-35-0x0000018FEE900000-0x0000018FEE922000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4304-36-0x00007FFC77050000-0x00007FFC77B11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4304-37-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-38-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-39-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4304-40-0x0000018FEA760000-0x0000018FEA770000-memory.dmp

    Filesize

    64KB

    Download