General

Target: Hazard-Token-Grabber-v2-main (2).zip
Size: 13.9MB
Sample: 240428-lwle8adc5t
MD5: cf40f14adddd27941a7bc0745c548b56
SHA1: d01e72ef808a92d95fc7db01d1b5cfb6f8df6b81
SHA256: 1fcd473f1b3129ba10ab1a6a36a66890e8c20ee3ae36f12c8117a3fc604c6c41
SHA512: 1b9c5d8bba4bc3a158e2f3879be2c15a756a2e851b738635167ee161c43e64aa7139b495717dd2fe2f08904ce3aa73e9ad8fa5cfc198d0167e836ff9cf27df46
SSDEEP: 393216:mUI9I56e2p1+OESUZ+y+hxCzq3sj0Ewxes5XeRg:XQ46eO1+h/D+hxCe8j02sJeRg

Malware Config
Targets

Target: Hazard-Token-Grabber-v2-main/Hazard-Token-Grabber-v2-main/tools/dist/LastActivity.exe
Size: 13.9MB
MD5: a928bd31d8371e073b40b6042face5fa
SHA1: 4a7053396ef4a8fd76c0b833f46cc54448893f3c
SHA256: aa62987e2095f7bf6f56d5c761a997c73f16ae8a9d768ab51c732249a3bded7d
SHA512: cdcd60be7355348b95b649846d49bca5a22db3c6eb8d0ed4ae69d6fc9f74627c5be3f767a0d650582482fa2433ac494f768d8807b62adbdacff60ac469d3ab13
SSDEEP: 393216:DJ+Fe0EkDS5AW1c4q1+TtIiFYY9Z8D8Ccl6l7EOjKkPXK5:90raAWa4q1QtIDa8DZcIl7skvK5
- Drops startup file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Maps connected drives based on registry
  Disk information is often read to detect sandbox or virtual-machine environments, which typically expose a single small virtual disk with a recognisable vendor string.
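The last two signatures above describe behaviour that can be alerted on from endpoint telemetry rather than only observed in a sandbox. The following is an added example, not part of this report or of the Hazard-Token-Grabber project, that scans constructed Sysmon-style event lines for both patterns: a DNS query to a public IP-lookup service, and a registry read of the keys Windows uses to enumerate attached disks. The list of lookup hosts, the registry path patterns, the pipe-separated event shape and the sample events are all assumptions chosen for illustration; none are taken from this sample's run, and the host and key lists should be tuned to your environment.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumption (illustrative, not from the report): public services commonly queried
# to learn the machine's external IP address.
IP_LOOKUP_HOSTS = {
    "api.ipify.org",
    "ipinfo.io",
    "icanhazip.com",
    "ifconfig.me",
    "checkip.amazonaws.com",
    "ip-api.com",
}

# Assumption (illustrative): registry paths commonly read to enumerate attached disks.
# Sandboxes and VMs usually expose one small virtual disk whose vendor string
# (e.g. "VBOX", "VMware") gives the environment away, so a drive inventory is a cheap check.
DRIVE_ENUM_KEYS = [
    re.compile(r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Services\\Disk\\Enum", re.I),
    re.compile(r"\\SYSTEM\\MountedDevices", re.I),
    re.compile(r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Enum\\(IDE|SCSI)\\", re.I),
]


@dataclass(frozen=True)
class Finding:
    signature: str   # human-readable name, mirroring the sandbox's signature labels
    image: str       # process that produced the event
    detail: str      # the hostname or registry key that matched


def parse_event(line: str) -> Optional[dict]:
    """Parse one pipe-separated event of the assumed shape 'EventID|Image|Target'.
    Event 22 is a DNS query (Target = queried name); 12/13 are registry key/value
    access (Target = key path). Returns None for lines that do not fit."""
    parts = line.strip().split("|", 2)
    if len(parts) != 3 or not parts[0].isdigit():
        return None
    return {"eid": int(parts[0]), "image": parts[1], "target": parts[2]}


def match_event(ev: dict) -> Optional[Finding]:
    """Map a single parsed event onto one of the two signatures, or None."""
    if ev["eid"] == 22:
        host = ev["target"].lower().rstrip(".")
        # Match the listed host or any subdomain of it.
        if any(host == h or host.endswith("." + h) for h in IP_LOOKUP_HOSTS):
            return Finding("Looks up external IP address via web service", ev["image"], host)
    elif ev["eid"] in (12, 13):
        for pat in DRIVE_ENUM_KEYS:
            if pat.search(ev["target"]):
                return Finding("Maps connected drives based on registry", ev["image"], ev["target"])
    return None


def scan(lines) -> list:
    """Run both checks over a stream of event lines, skipping unparseable ones."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        f = match_event(ev)
        if f is not None:
            findings.append(f)
    return findings


# Constructed sample telemetry (not from the sandbox run): one IP-lookup query,
# one benign DNS query, one drive-enumeration read, one benign registry read,
# and one malformed line that the parser must skip.
SAMPLE_EVENTS = [
    "22|C:\\Users\\user\\Desktop\\sample.exe|api.ipify.org",
    "22|C:\\Windows\\System32\\svchost.exe|ctldl.windowsupdate.com",
    "13|C:\\Users\\user\\Desktop\\sample.exe|HKLM\\SYSTEM\\ControlSet001\\Services\\Disk\\Enum\\0",
    "13|C:\\Windows\\explorer.exe|HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden",
    "garbage line without separators",
]


def demo() -> list:
    """Return the findings for the constructed sample so the script runs stand-alone."""
    return scan(SAMPLE_EVENTS)


if __name__ == "__main__":
    for f in demo():
        print(f"[{f.signature}] {f.image} -> {f.detail}")
```

Run on the constructed events it reports exactly two findings, one per signature, and ignores the benign Windows Update lookup, the Explorer registry read and the malformed line. In a real deployment the same two checks would be fed from Sysmon event IDs 22 and 12/13 (or the equivalent EDR telemetry), with the host list extended and the drive-enumeration keys restricted to non-system processes to keep the noise down.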