General
Target: 530000.exe
Size: 434KB
Sample: 210309-lc2gdaejhe
MD5: b9a52ad5db64cdde1d471191e868f448
SHA1: 9a412d9504f442166794724884620f4e65a6e553
SHA256: 6e6dfb6c3ce7a1a428b51a52ab1a1bb625f791f207204c29efe8c554b37d5cfe
SHA512: bbb6588175baff4883ba85e2573ff69f8130014e732fd6d9570f6d21246a846292b3a33b2ed5df3c3bfc60cb5da6c31e9f0c7a92498ae274393052320b0b23a1
Static task: static1
Behavioral task: behavioral1
Sample: 530000.exe
Resource: win7v20201028
Malware Config
Targets
Target: 530000.exe
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications: Malware can proxy its traffic through Tor for more anonymity.