General
-
Target
main.exe
-
Size
18.5MB
-
Sample
240705-ts426atfnf
-
MD5
91efd134d1b421127c15d4e9334143cb
-
SHA1
ff13e99e0b3398e73a480b1d47beda59e089d485
-
SHA256
528b5371a2830f35dee614595b3f73cb8ecc8dbe4416dcb65e8e57ae251014e1
-
SHA512
bf840aedcf3f39731a69c9cf31c2fd1b27fb67fa0b49c5cfedb26181a4aaa806d0d8a652ec01ca6a608e84d86195d92866b42ba95537cc28bc5862379ebff875
-
SSDEEP
393216:DqPnLFXlrPrQ8DOETgs77fGFoghnycvvQvEi4XhMJOTQ7YSq:GPLFXNjQhE7XQnycnJZXiJOTf
Behavioral task
behavioral1
Sample
main.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
main.exe
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
main.exe
-
Score
7/10
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-