General
-
Target
1cd60e5192988ae5841a861ef8c45a61.exe
-
Size
643KB
-
Sample
210714-jn7y8fqgt2
-
MD5
1cd60e5192988ae5841a861ef8c45a61
-
SHA1
3c6fe7b6885dadd5820710082b5e07f0f0c31a8f
-
SHA256
4f5eb87739916022c23a6291aaac32e86cef1d92cd9bcf67ec0ed357f1672ca1
-
SHA512
dff8d5c7c0e10deed78f911e8e4b4b0ef9e5d94ea8d85777c3711efb7fefc5f5dd93eb0589b60c92d0cf1962eccac810cd4d2a0aa87ec1e9a1bd350b17e07442
Static task
static1
Behavioral task
behavioral1
Sample
1cd60e5192988ae5841a861ef8c45a61.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
1cd60e5192988ae5841a861ef8c45a61.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
1cd60e5192988ae5841a861ef8c45a61.exe
-
Size
643KB
-
MD5
1cd60e5192988ae5841a861ef8c45a61
-
SHA1
3c6fe7b6885dadd5820710082b5e07f0f0c31a8f
-
SHA256
4f5eb87739916022c23a6291aaac32e86cef1d92cd9bcf67ec0ed357f1672ca1
-
SHA512
dff8d5c7c0e10deed78f911e8e4b4b0ef9e5d94ea8d85777c3711efb7fefc5f5dd93eb0589b60c92d0cf1962eccac810cd4d2a0aa87ec1e9a1bd350b17e07442
Score6/10-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-