General

  • Target

    express.exe

  • Size

    13.0MB

  • Sample

    210924-kqhxgagdel

  • MD5

    e8a102040d074c0fa5a65f3fc157f689

  • SHA1

    79c6c37ad7b1278052ab996d643e7bf1d2c468e1

  • SHA256

    868fe53622b538574df3f1df1eccf57c9b43039a49dc1f7c1cc92663bfb4314d

  • SHA512

    9835ca5886e54fffb6f1e0af57b0385d389a59e4d23c21dfede6b8749cef0a2c5879b30fb6036db5c9338b5b0c0a9b496b141f626796fbf27f5d38d733edf416

Score
7/10

Targets

    • Target

      express.exe

    Score
    7/10
    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
