Resubmissions

18-04-2024 05:14

240418-fxa3zsdd41 10

18-04-2024 05:14

240418-fw8mvsca99 10

18-04-2024 05:14

240418-fw642aca97 10

18-04-2024 05:14

240418-fw6hhaca96 10

18-04-2024 05:14

240418-fw5wzadd4y 10

22-09-2021 13:23

210922-qmv1hsfdbr 10

General

  • Target

    6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

  • Size

    434KB

  • Sample

    210922-qmv1hsfdbr

  • MD5

    556c756b428b0a6f1516de031c3bfdb3

  • SHA1

    d4a8195611ac93a268b0ebdc14319a75de856725

  • SHA256

    6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

  • SHA512

    0e6ffc8dd5dda62a3936a5ea311a9e7007f27ead2f86f9f3f17510a78d2181b16473c69b3b5aa465f68042adef0d95fa8403f9d5bb106dbb4896750caef60a26

Score
10/10

Malware Config

Targets

    • Target

      6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

    • Size

      434KB

    • MD5

      556c756b428b0a6f1516de031c3bfdb3

    • SHA1

      d4a8195611ac93a268b0ebdc14319a75de856725

    • SHA256

      6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

    • SHA512

      0e6ffc8dd5dda62a3936a5ea311a9e7007f27ead2f86f9f3f17510a78d2181b16473c69b3b5aa465f68042adef0d95fa8403f9d5bb106dbb4896750caef60a26

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v6

Tasks