General

Target: 467890987654323456789098765432345678.exe
Size: 299KB
Sample: 220127-p8n9esdde2
MD5: e04c69c79193ccaac508fe7279a1804f
SHA1: 75930a5d0e35815f213475e7af644f19f4ed14bf
SHA256: 56f473eb624769a6eb77762eba09ecfbb6e25f513e4280207de5ae06663e5452
SHA512: fcf2671f30495f16fe2a8399f2536bb2e193ea774aa5e0f6f30f861eb0f145a43217522ddfb8af401cb41d92f5043cf8b9f6580aaff80006525b6cd5810674c9
Static task: static1
Behavioral task: behavioral1 (sample 467890987654323456789098765432345678.exe, resource win7-en-20211208)
Behavioral task: behavioral2 (sample 467890987654323456789098765432345678.exe, resource win10-en-20211208)
Malware Config

Extracted
Protocol: smtp
Host: serv3.devmexico.com
Port: 587
Username: [email protected]
Password: 3}l^pI#_4K_!

These are the SMTP submission credentials (port 587) embedded in the sample; the account is attacker-controlled and is where collected data is sent, so the host name and the mail account are the indicators to block and hunt for, not credentials to reuse.
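The following is an added example, not part of the sandbox report, showing how a responder would turn the indicators above into two concrete checks: a single-pass file hasher that compares every candidate file against the report's MD5/SHA1/SHA256/SHA512 values, and a scan of connection log lines for outbound traffic to the extracted SMTP host and port. The log format and the log lines are constructed for the demonstration (assumed "timestamp conn src -> dst:port proto" shape), and the temporary file hashed in `demo()` is a benign stand-in, not the sample; only the hashes, host and port come from the report.

```python
"""IOC checks built from the report above: file-hash matching and SMTP exfil detection."""
import hashlib
import os
import re
import tempfile

# Indicators copied from the report.
IOC_HASHES = {
    "md5": "e04c69c79193ccaac508fe7279a1804f",
    "sha1": "75930a5d0e35815f213475e7af644f19f4ed14bf",
    "sha256": "56f473eb624769a6eb77762eba09ecfbb6e25f513e4280207de5ae06663e5452",
    "sha512": "fcf2671f30495f16fe2a8399f2536bb2e193ea774aa5e0f6f30f861eb0f145a43217522ddfb8af401cb41d92f5043cf8b9f6580aaff80006525b6cd5810674c9",
}
EXFIL_HOST = "serv3.devmexico.com"
EXFIL_PORT = 587


def digest_file(path, chunk_size=1 << 16):
    """Return {algo: hexdigest} for `path`, reading the file only once for all four digests."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_hashes(path):
    """Return the algorithms whose digest of `path` equals the report's value (empty if clean)."""
    digests = digest_file(path)
    return [algo for algo, value in IOC_HASHES.items() if digests[algo] == value]


def scan_directory(root):
    """Walk `root`; return {path: [matching algos]} for every file that hits an IOC hash."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                matched = match_hashes(path)
            except OSError:
                continue  # unreadable file: skip it rather than abort the whole scan
            if matched:
                hits[path] = matched
    return hits


# Constructed log lines (assumed format, not from the report); only the third is the exfil connection.
SAMPLE_LOG = """\
2022-01-27T15:02:11Z conn 10.0.0.15:51324 -> 142.250.72.14:443 tcp
2022-01-27T15:02:13Z dns 10.0.0.15 query serv3.devmexico.com A
2022-01-27T15:02:14Z conn 10.0.0.15:51330 -> serv3.devmexico.com:587 tcp
2022-01-27T15:02:20Z conn 10.0.0.22:49211 -> mail.example.net:587 tcp
"""

CONN_RE = re.compile(r"conn\s+(?P<src>\S+)\s+->\s+(?P<dst>[^:\s]+):(?P<port>\d+)")


def find_exfil_connections(log_text, host=EXFIL_HOST, port=EXFIL_PORT):
    """Return (timestamp, src) for each connection to the extracted SMTP server.

    Matching is on host AND port so ordinary port-587 mail traffic to other
    servers (last sample line) is not flagged.
    """
    hits = []
    for line in log_text.splitlines():
        m = CONN_RE.search(line)
        if m and m.group("dst").lower() == host and int(m.group("port")) == port:
            hits.append((line.split()[0], m.group("src")))
    return hits


def demo():
    """Run both checks: hash a benign stand-in file (must not match) and scan the sample log."""
    with tempfile.TemporaryDirectory() as tmp:
        benign = os.path.join(tmp, "notes.txt")
        with open(benign, "wb") as fh:
            fh.write(b"hello\n")  # constructed content, not the malware sample
        benign_digests = digest_file(benign)
        file_hits = scan_directory(tmp)
    return {
        "benign_digests": benign_digests,
        "file_hits": file_hits,
        "net_hits": find_exfil_connections(SAMPLE_LOG),
    }


if __name__ == "__main__":
    print(demo())
```

Point `scan_directory()` at a suspect host's download and temp directories; a hit on any one of the four digests is enough to act on, and the single-pass hasher keeps large scans cheap. The network check is deliberately strict on host plus port, since port 587 alone is normal mail-submission traffic.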
Targets

Target: 467890987654323456789098765432345678.exe
Size: 299KB (hashes as listed under General)
Score: 10/10

Signatures:
- Matiex Main Payload
- Loads dropped DLL
- Accesses Microsoft Outlook profiles (reads stored mail-client account settings, consistent with credential harvesting)
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP. The lookup service itself is benign; the indicator is the request coming from this process.
- Suspicious use of SetThreadContext (a legitimate API, flagged here because the pattern is typical of code injection into another process; confirm with the process tree and memory dumps from the behavioral tasks)