Analysis

  • max time kernel
    16s
  • max time network
    12s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-09-2024 22:30

General

  • Target

    Outfit Editor.exe

  • Size

    428KB

  • MD5

    0765a779e17e446bb74df7dfb75f7450

  • SHA1

    6cf048596972013a27f9e968d86961f85ed72386

  • SHA256

    a25cee8a38e8e8383a2da08a962e5a96bfb3758ceb58b5f547b87bc1f3d7aded

  • SHA512

    d727ff584ce63239c06a9c6318df007d9e66e8d9dbe724a4e86eb173f2d292d19d3573468f80158f6809b772d7d9ba92905fe69368938b646f955279aa14a3c9

  • SSDEEP

    6144:nszAXNK+3FZr1QhiWsQH/bm9g+CG66GLHQH/bm9g+CG6G0jbpPm3Fu:nLXFcfqFCnwfqFCU0jb1mY

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 17 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe
    "C:\Users\Admin\AppData\Local\Temp\Outfit Editor.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3984

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\Desktop\b941304b-243f-4b0d-86ea-206f09e589b7.ini

    Filesize

    615B

    MD5

    6084477b197f8372ce19f1da9dd2bd49

    SHA1

    5889d84246fbd001eb69623a676780694abd5f11

    SHA256

    61087d852cf84bdf33e0123a8a3e792ae388691538ebee2dc4e259d4561d7009

    SHA512

    1a676fb5375cc338977f05882b9123f6f0b1b37a4c6928f5f82c444ff442043eccfa3a4cec89938fa221a7d5aefaaaf2005ed88cf6e15ad8f44f8303f2b2e173

  • memory/3984-0-0x00007FF9EFEEB000-0x00007FF9EFEEC000-memory.dmp

    Filesize

    4KB

  • memory/3984-26-0x00007FF9EFEEB000-0x00007FF9EFEEC000-memory.dmp

    Filesize

    4KB