General

Target: 8e5e31f5dd73631eddc2cb57e0f48a9a
Size: 1.5MB
Sample: 211209-sbk3aacce5
MD5: 8e5e31f5dd73631eddc2cb57e0f48a9a
SHA1: 13bd3cf85edef10be8b60c96334eda4f30eda0ba
SHA256: 356c38de132ad392f3155f48d11f97efbd7892a04499aea67dab5a76e85cb68d
SHA512: 43cf5099575d698ffbd13dc82aa76e2358629d52217cd9d019acfb52c87a29e1ef9750dee756d164787544c76cc68464b014e3f17b3236467952ef95215a94d1
Static task: static1
Behavioral task: behavioral1 (sample 8e5e31f5dd73631eddc2cb57e0f48a9a.exe, resource win7-en-20211208)
Behavioral task: behavioral2 (sample 8e5e31f5dd73631eddc2cb57e0f48a9a.exe, resource win10-en-20211208)
Malware Config

Extracted family: matiex
C2 / exfiltration endpoint: https://api.telegram.org/bot1769394961:AAF5BB35akL859CwVaXypIqpVsGWlaKvi7A/sendMessage?chat_id=1735544933

This is a Telegram Bot API sendMessage call: the path segment after "bot" is the bot token (bot id and secret) and chat_id is the attacker's destination chat. The token and chat_id are the stable indicators here; the domain api.telegram.org alone is not, since legitimate bots use it too.
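As an added example (not part of the sandbox report and not code from the Triage platform), the following Python turns the extracted configuration into a hunting check: it parses Telegram Bot API URLs into bot id, token and chat_id, scans proxy log lines for both Bot API traffic and external-IP lookups, and correlates the two per client. The log format and the list of IP lookup hosts are assumptions constructed for this example; the report does not name the lookup service the sample used. The Telegram URL in the sample log is the one extracted above.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Telegram Bot API call shape: https://api.telegram.org/bot<bot_id>:<secret>/<method>
# "<bot_id>:<secret>" is the bot token; chat_id in the query selects the
# attacker's chat. Both are stable indicators for this sample.
TELEGRAM_BOT_RE = re.compile(
    r"https?://api\.telegram\.org/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{30,})/(?P<method>\w+)"
)

# Assumption: a small list of common external-IP lookup services. The report
# does not name the service this sample used, so this list is illustrative only.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "checkip.amazonaws.com", "ifconfig.me",
    "icanhazip.com", "ip-api.com", "checkip.dyndns.org",
}


def parse_telegram_exfil(url):
    """Return bot id, full token, API method and chat_id for a Bot API URL, else None."""
    m = TELEGRAM_BOT_RE.match(url)
    if not m:
        return None
    query = parse_qs(urlsplit(url).query)
    return {
        "bot_id": m["bot_id"],
        "bot_token": f"{m['bot_id']}:{m['secret']}",
        "method": m["method"],
        "chat_id": query.get("chat_id", [None])[0],
    }


def scan_proxy_log(log_text):
    """Flag Telegram Bot API traffic and external-IP lookups in a proxy log.

    Assumed line format (constructed for this example):
        <timestamp> <client_ip> <http_method> <url> <status>
    """
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        ts, client, _http_method, url = fields[:4]
        tg = parse_telegram_exfil(url)
        if tg:
            findings.append({"ts": ts, "client": client, "kind": "telegram_bot_api", **tg})
            continue
        host = (urlsplit(url).hostname or "").lower()
        if host in IP_LOOKUP_HOSTS:
            findings.append({"ts": ts, "client": client, "kind": "external_ip_lookup", "host": host})
    return findings


def correlate(findings):
    """Clients that both looked up their external IP and talked to a Telegram bot.

    Either event alone is weak (legitimate bots and admins do both); together,
    from one host, they match the stealer behaviour this report describes.
    """
    by_client = {}
    for f in findings:
        by_client.setdefault(f["client"], set()).add(f["kind"])
    return {c for c, kinds in by_client.items()
            if {"telegram_bot_api", "external_ip_lookup"} <= kinds}


# Constructed sample log, not real traffic; the Telegram URL is the one extracted
# from the sample's configuration in this report.
SAMPLE_PROXY_LOG = """\
2021-12-09T10:15:02Z 10.0.0.21 GET https://www.microsoft.com/en-us/ 200
2021-12-09T10:15:09Z 10.0.0.21 GET https://api.ipify.org/ 200
2021-12-09T10:15:11Z 10.0.0.21 GET https://api.telegram.org/bot1769394961:AAF5BB35akL859CwVaXypIqpVsGWlaKvi7A/sendMessage?chat_id=1735544933 200
2021-12-09T10:16:40Z 10.0.0.35 GET https://telegram.org/ 200
"""

if __name__ == "__main__":
    hits = scan_proxy_log(SAMPLE_PROXY_LOG)
    for h in hits:
        print(h)
    print("suspect clients:", correlate(hits))
```

The regex keys on the bot token rather than the hostname so that a bot id seen in one sample can be matched across other samples of the same campaign even if the chat_id changes; the correlation step is what separates this from a generic "blocks Telegram" rule.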
Targets

Target: 8e5e31f5dd73631eddc2cb57e0f48a9a (1.5MB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10

Signatures:
- Matiex Main Payload
- Accesses Microsoft Outlook profiles
  Matiex is a keylogger/stealer; reading Outlook profile data is consistent with harvesting stored mail-account credentials for exfiltration over the Telegram channel above.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP. On its own this is benign behaviour; it matters here because it precedes the exfiltration beacon.
- Suspicious use of SetThreadContext
  SetThreadContext on another process's thread is the characteristic step of process hollowing: a process is started suspended, a payload is written into it, and the main thread's context is rewritten to start at the payload. The sandbox flags the API call, not the target, so confirm with the process tree and the memory dumps of any suspended child process.