General
-
Target
bac4b948f4a8cb9c61c6167c7aa814affe670e527190aacf4f31eace55236d25
-
Size
243KB
-
Sample
220319-xbyqlafheq
-
MD5
15f32b4f39a69e327b285b6cd2dd2cb9
-
SHA1
49ca0b152b2001febfe89d4ff2bea2f989a9a819
-
SHA256
bac4b948f4a8cb9c61c6167c7aa814affe670e527190aacf4f31eace55236d25
-
SHA512
301893a9827946bd478255cc9cbc054c21a422e76bad3f0ded321d264ff14947e1736dd66cedc236a9d82afcd0c2f0c40f5a91d57266ee49acdc6acd14767f84
Static task
static1
Behavioral task
behavioral1
Sample
bac4b948f4a8cb9c61c6167c7aa814affe670e527190aacf4f31eace55236d25.exe
Resource
win7-20220310-en
Malware Config
Extracted
systembc
dec15coma.com:4039
dec15coma.xyz:4039
Targets
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-