Overview

overview

5

Static

static

1

EXTERNALPl...��.msg

windows7-x64

5

EXTERNALPl...��.msg

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2024, 09:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EXTERNALPlease correct your delivery address to ensure timely delivery. ✍🚚.msg

  • Size

    145KB

  • MD5

    3a1b43409e3c2dbfa21361da114f4af8

  • SHA1

    95ab1d48151f7b20a7a3d9f667c288d5ff0af0ab

  • SHA256

    945a38204f87b3f239b4b2becfb2f6cc4d2882f29bff6925e0255a7fff9a1c2a

  • SHA512

    3ec219c88f1126f8f25179ba5ac6afa931e49a9e7636cb82ab33b7b4bc524f18ee1ed9ca4216b4dd1e8a50a5c615ff77a9260e9c12b4c4ff0e6ff003c64958e9

  • SSDEEP

    3072:dfg/jtwIjFZI0keAlqcKPjfASeNXtmcMx4LuTo/tZqrL5IVJNLYcx:Zg/5wIFZI0VmKjPOdXZqr8

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 14 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE" /f "C:\Users\Admin\AppData\Local\Temp\EXTERNALPlease correct your delivery address to ensure timely delivery. ✍🚚.msg"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    • Suspicious behavior: AddClipboardFormatListener
    PID:2500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Outlook\mapisvc.inf
    Filesize

    800B

    MD5

    5d70703422c4f3e8dbe75ff1ca11b51c

    SHA1

    2f1efe05b667952a49bda6699b09bfa6c4df4aca

    SHA256

    c53db102bc6a0383ff07b3965490504601825078b215673808221513a49fc037

    SHA512

    c69bc84d9a4837ada45a0e25a315ee26d1166f488e60c172e8c0746fee1cb033cce2598d882c18de7765290b1116349856d2b023c29c21f6312514957dcaa44f

    Download Submit

  • memory/2500-0-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2500-1-0x0000000073CBD000-0x0000000073CC8000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2500-124-0x0000000073CBD000-0x0000000073CC8000-memory.dmp

    Filesize

    44KB

    Download