General
-
Target
e9feac3695a81a71ede3b7b768869a336403251fd00333a6ea4d0265f90d2e76
-
Size
156KB
-
Sample
220326-mp7kjsbfe4
-
MD5
53dea6ee1aeb6e0b102803c43b177967
-
SHA1
76ae52abaaa31d8f946a1888d33b8cf08f100c8b
-
SHA256
e9feac3695a81a71ede3b7b768869a336403251fd00333a6ea4d0265f90d2e76
-
SHA512
815dda2786dab4d05cc53084f9a3b04c9d3256b764d6f16bde2ef1ab7b228e08f7ddd3f417c1eacac7f9fab6a4208e7d0c8504083ccc6fa14c71ea102585825e
Static task
static1
Behavioral task
behavioral1
Sample
e9feac3695a81a71ede3b7b768869a336403251fd00333a6ea4d0265f90d2e76.exe
Resource
win7-20220310-en
Malware Config
Extracted
systembc
advertrex20.xyz:4044
gentexman37.xyz:4044
Targets
-
-
Target
e9feac3695a81a71ede3b7b768869a336403251fd00333a6ea4d0265f90d2e76
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-