General
Target
96c7a130ac35505293e7766f058a6d07.bin
Size
446KB
Sample
240609-ekw91sdd2w
MD5
66024d5b12f23926c4e77be3c808a210
SHA1
6c0cf2efd4d567134fe97e127c93122ffa56733d
SHA256
db4788aeaa91caa08c95e71dd742a3b51cc19c1187c51830ca4b17149956a45c
SHA512
7698255136536a5ec2788e7ef602c77e454c4fccb9b5facfcb4ab0354c68982e60cc5756bcf1110a1d01b0219d77c6600d5dbd15994d8906bb946f9c8d02df22
SSDEEP
12288:hpmHROk4WE04NqAH6eRosssUT/+PqcNgvcUT:jmxE0eqUdR2s2+PFwcUT
Static task
static1
Behavioral task
behavioral1
Sample
ae81b5336b8e70c6fc258e963c24346ded948f6df565a51dde18d7cdcfec753c.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ae81b5336b8e70c6fc258e963c24346ded948f6df565a51dde18d7cdcfec753c.jar
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
ae81b5336b8e70c6fc258e963c24346ded948f6df565a51dde18d7cdcfec753c.zip
Size
452KB
MD5
96c7a130ac35505293e7766f058a6d07
SHA1
05638c895529fb2d7249b87c4250ab299fa4f937
SHA256
ae81b5336b8e70c6fc258e963c24346ded948f6df565a51dde18d7cdcfec753c
SHA512
9d3fe14608a995cad1d0ac80d49b40fe213dfa289c396987bc9c0e992608d336cf7aee71a5bdb8c869859b0a286d50f1781a4875b2e47d54143d46110b6ed065
SSDEEP
12288:KUzrcAYk32MH/M9knDQPGrotZy69vMhUQztrqVOH:pcAYkmMfsIyKotZJ9vMhUQzJoM
Score
10/10
Drops startup file
Loads dropped DLL
Modifies file permissions
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.