General
-
Target
23f3c01c7e38b1a3677aef5987df95284e8b038a14a89eb77e0b77d162cfd6fe
-
Size
190KB
-
Sample
220309-s75rkaabc4
-
MD5
d7efd8fe990580ffed407998373bcb36
-
SHA1
4d73d3e0509781c95ff7dea39e598b258e1de893
-
SHA256
23f3c01c7e38b1a3677aef5987df95284e8b038a14a89eb77e0b77d162cfd6fe
-
SHA512
0df7b4b66726ded97930bfe283c4e0ec21256ea4cc4c321e8994558a8aed2d16a4af276630ec02054fa61797cf137778c26020dffa5a223271b8e4eba14a63a7
Static task
static1
Behavioral task
behavioral1
Sample
23f3c01c7e38b1a3677aef5987df95284e8b038a14a89eb77e0b77d162cfd6fe.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
23f3c01c7e38b1a3677aef5987df95284e8b038a14a89eb77e0b77d162cfd6fe.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
23f3c01c7e38b1a3677aef5987df95284e8b038a14a89eb77e0b77d162cfd6fe
Score
10/10
Matiex Main Payload
-
Drops startup file
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-