General

  • Target

    mailpv.zip

  • Size

    289KB

  • MD5

    5ef3cab491f4654b0f2dffa913098875

  • SHA1

    4f91d8d3d21a03b9594ec7d70bde3208d49176ad

  • SHA256

    b95fce07879c83cdbc8e1e4bb5d6bc4f5a552049db28d15a1427a16e4296200f

  • SHA512

    29dfd451a852272fe0e18a0b1430d7593a395b92c4d570ac55cdef1dcd464585c240e79a204e3ca5da5f892d8ccda8ef8bfdb3919c621518689436bee8c63e7a

  • SSDEEP

    6144:cosKgtgRz4U/6+jwCRin5JJwS3HZbxFwOGQBZKAKEprP2ZOGnTej:Ps5tgmJTDJRbnBTT+HT8

Score
9/10

Signatures

  • Detected Nirsoft tools 1 IoCs

    Free utilities often used by attackers which can steal passwords, product keys, etc.

  • NirSoft MailPassView 1 IoCs

    Password recovery tool for various email clients

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • mailpv.zip
    .zip
  • mailpv.chm
    .chm
  • mailpv.exe
    .exe windows:5 windows x86 arch:x86

    4bb731cbb501f2408ea945577453f943


  • readme.txt