Resubmissions

13-01-2021 08:15

210113-c1g9srxafs 6

12-01-2021 06:28

210112-q7pndqt7qn 6

General

  • Target

    nlOiE.jpg

  • Size

    745KB

  • Sample

    210112-q7pndqt7qn

  • MD5

    a20b49ae1d1200c84a0344f5ad3353dd

  • SHA1

    3c4e0a61b36c90603d540d83471ab07efe330055

  • SHA256

    2834d72111e621f895420cd798a08fd8da8371c1062eb0b9bbc7446d7212804e

  • SHA512

    1e80bf08e024d86792c680cf12fc53c6e7fe52d1c1a02c990ce46cda410c4dab6840912b4894cd97f3cf74dfa401bd56eba43187f14fe1735c133fc6bea9f5da

Score
6/10

Targets

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
