General
Target: a.bin.zip
Size: 24.5MB
Sample: 210518-14ghabzyfj
MD5: d2dd16de46fabecaa3dd784c8d81555b
SHA1: 55548183b64f0c1675e560d95fb7d9b9762f4b10
SHA256: 0a58b753a6c1927045d6fba0c1947c2f8e64eeaee2422d24a16cb3dbd91cf1d0
SHA512: f48867e0e06a803f18ce83e94c412afb0b7c9167956475e505bf45ff8e2288800036fc4c6a64483147684875e93b28df4c97d5c08cabe1d72948cf5ecb17770b
Static task: static1
Behavioral task: behavioral1
  Sample: a.bin.exe
  Resource: win7v20210408
Behavioral task: behavioral2
  Sample: a.bin.exe
  Resource: win10v20210410
Malware Config
Targets
Target: a.bin
Size: 24.8MB
MD5: ff3e538ca4f72aa803986246ccd6204c
SHA1: aaef4bf2d4d7dde0164b5218dad3b7a691d1b96b
SHA256: 4363c6197e0fd7b380f30154c36bc7bd15a81bda1158ef3a6a021f80928f7fae
SHA512: 995be671dbf7af6c7ab69b823c3bcd914bb776d525425e3395824b234068330afdd1c06d6d897d4cf1d36da0faee017510905baba5c56a590dbbcd1001a6733f
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.