General
Target: sample-319216-dc8d9c9a86fe4830053697c1dc59dc6f.zip
Size: 588KB
Sample: 201205-95p79pzd1x
MD5: 173ebc84805a4fd75124723121d6a0e8
SHA1: e2e53851847952eabfcd846858c276ade5e26442
SHA256: 0a61127840266ccb44c1faf9fe57db4e3354f163814ecebbbcbbddcca8f7e371
SHA512: 926af907019b5db9fff3053a78a3551213e7f6b3c81f4a8d96a1e931392aeba6a17ad183165bd053b72008f2996d3a2ca086122bfa63ab7a4dd5e9e9b350a884
Static task: static1
Behavioral task: behavioral1
Sample: CDC GUIDES COVID-19 Second Outbreak Warning release.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: CDC GUIDES COVID-19 Second Outbreak Warning release.exe
Resource: win10v20201028
Malware Config
Targets
Target: CDC GUIDES COVID-19 Second Outbreak Warning release.exe
Size: 630KB
MD5: dc8d9c9a86fe4830053697c1dc59dc6f
SHA1: a63fa3cc878efe75ecf849111c3e3d417fef4fdd
SHA256: 5dcd1649d97e0da882778ec70677be52b49603b6596b044518f02c278d93d0f2
SHA512: 8f91aca4b85d53745f395888ffb8e2d5f17f06afc7e302f2ed19c840377c70ef807ba14748fefd2a756b27b54808651087fbcba572f0d162b06c8a0e9283ef8c
Score: 10/10

Adds Run key to start application

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext