Overview

overview

6

Static

static

3

Outfit Editor.exe

windows11-21h2-x64

6

Analysis

  • max time kernel
    20s
  • max time network
    22s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    01-09-2024 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Outfit Editor.exe

  • Size

    1.6MB

  • MD5

    9e098a17366160da27240c1e5f84bcb6

  • SHA1

    ecf29c430de51ffecc3d888db2c1eac1056c3497

  • SHA256

    7a20fe2798f399499aa54a4c9972403036645f31f7640fc8eaf1ad5d815ff297

  • SHA512

    751b8c614db0fe26f25d61eceece21d46d392d76d2da6c2c2009b6b5af22ff5491f55f60a8a246aaaa6d49cd11cd85062e6aca15afb0f203bce1f1a89d725a98

  • SSDEEP

    24576:ondJ0Rff/vq/4Uej+qIehqshHGD3hJr3PzMVJLZZ7yJZOineLs2ue/Co7gNwM:V3v8TejhmDDLPQVJL/yJciUB7y

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 17 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe
    "C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2444

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\03e4ca97-92b8-4104-82dc-076da02e39cc.ini
    Filesize

    613B

    MD5

    8496c18a252f948a6e5952511b70c279

    SHA1

    1e93d8a2bdeba49fb23d50f389f1233a45c5cb4c

    SHA256

    79edad12a2957dc5b05b9346ac5a18fc9a3beb30cd960d31ba6efca85434a29f

    SHA512

    e7d1c28a3b7de9459aa0330fcca6a8e0ac61ca1a84e3dfa102840bd0158108b6271c88993b883692e64032c9f6d7029dddfdea133aad0ea4946a65f4165fc1dc

    Download Submit

  • memory/2444-5-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-44-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-9-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-4-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-0-0x00007FFC3A433000-0x00007FFC3A435000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2444-6-0x000001FBA7CD0000-0x000001FBA7CD8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2444-8-0x000001FBA7CE0000-0x000001FBA7CEE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2444-7-0x000001FBA7D50000-0x000001FBA7D88000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2444-3-0x000001FBA5560000-0x000001FBA56EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2444-2-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-36-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-35-0x000001FBA8910000-0x000001FBA8932000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2444-37-0x00007FFC3A433000-0x00007FFC3A435000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2444-38-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-39-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-40-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-41-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-42-0x00007FFC3A430000-0x00007FFC3AEF2000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2444-1-0x000001FB8AC70000-0x000001FB8AE04000-memory.dmp

    Filesize

    1.6MB

    Download