General
-
Target
605255cd417fde0180da116df7deeba2a7a0db6dcda35baf5f68ef8a97449260
-
Size
459KB
-
Sample
210518-dwl2x855ls
-
MD5
4e49a88d489d88f3cdfee9fa077ef865
-
SHA1
34f205c4c3a356eb0793850d6953802283e55c57
-
SHA256
605255cd417fde0180da116df7deeba2a7a0db6dcda35baf5f68ef8a97449260
-
SHA512
559c4e67e078a663ed6e76c03b1d0b432e7eb3471f543efdf2e77938724334880db65418bb9773a4ed089add2a280b99b44942d0cf786be13783de6dcd8887b3
Static task
static1
Behavioral task
behavioral1
Sample
605255cd417fde0180da116df7deeba2a7a0db6dcda35baf5f68ef8a97449260.exe
Resource
win7v20210408
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-