General
Target: tspm.bin
Size: 1.1MB
Sample: 200707-c6754rh4dx
MD5: a4fac8df05ee106a9f658b9bb4f90d05
SHA1: 8d02ab35f57f4a98679935c7fd6d20e5ceef585a
SHA256: 7b4a13c022f0948f0a7ace0c2ea8b85af4f596338af14c3a1be2e63f55cbb335
SHA512: c3d2c2f33637fed7b410ef15dce824ba21103fa970163a10759b1089e4814c0d22e7e22f5954ff7d08dd087ead822f7c8783a47ce1bd01d244728b3fb61f5bf7
Static task: static1
Behavioral task: behavioral1
  Sample: tspm.bin.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: tspm.bin.exe
  Resource: win10v200430
Malware Config
Targets
Target: tspm.bin
Score: 10/10
Executes dropped EXE
Drops desktop.ini file(s)
Enumerates connected drives
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
Modifies service