General
Target: b054dafd292e48f4fa75f2c4f12671c8d8d317aec9c26bdccc4c810548ecab40
Size: 1.5MB
Sample: 211124-wb4q6sgeg2
MD5: 04b73fb60f2bb4d960b8613ca808cc9a
SHA1: 6381d65feba86c4d5aae65ef5f149ff7f2e2e383
SHA256: b054dafd292e48f4fa75f2c4f12671c8d8d317aec9c26bdccc4c810548ecab40
SHA512: 7544ae557b506454cdbce51f97613ed3b7ff88b6cc0a40e79f043ba797098ebedfb83fb1b47e52d2f58461ff7960baa60ba1e92b313e7350bff4b5f96eb6f017
Static task
static1
Malware Config
Extracted
socelars
http://www.ecgbg.com/
Targets
Target: b054dafd292e48f4fa75f2c4f12671c8d8d317aec9c26bdccc4c810548ecab40
Size: 1.5MB
MD5: 04b73fb60f2bb4d960b8613ca808cc9a
SHA1: 6381d65feba86c4d5aae65ef5f149ff7f2e2e383
SHA256: b054dafd292e48f4fa75f2c4f12671c8d8d317aec9c26bdccc4c810548ecab40
SHA512: 7544ae557b506454cdbce51f97613ed3b7ff88b6cc0a40e79f043ba797098ebedfb83fb1b47e52d2f58461ff7960baa60ba1e92b313e7350bff4b5f96eb6f017
Legitimate hosting services abused for malware hosting/C2

Looks up geolocation information via web service
Uses a legitimate geolocation service to find the infected system's geolocation info.