General
Target: c6f2c2312fe323ce670ae3409255baa8610d8128977c37d36813e4b097633eb9
Size: 434KB
Sample: 210930-pew26shgbp
MD5: 6b7012b1d81d561a99c3736f695349eb
SHA1: 4a6d7a195fb17bc14f1b578713fb251a176ad39f
SHA256: c6f2c2312fe323ce670ae3409255baa8610d8128977c37d36813e4b097633eb9
SHA512: e46916a7dced12163167d81788ab7404d2eb91fe4bfe1b10c5f34301e3768b391541df36ab7a41843f46b4fc9514ca3776db91aa7fe34709bbaf176a36e4454a
Static task: static1
Behavioral task: behavioral1
Sample: c6f2c2312fe323ce670ae3409255baa8610d8128977c37d36813e4b097633eb9.exe
Resource: win7-en-20210920
Malware Config
Targets
Target: c6f2c2312fe323ce670ae3409255baa8610d8128977c37d36813e4b097633eb9
Executes dropped EXE

Loads dropped DLL

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.