General
Target: 20e5ae4397a4ab132e7e8a5f316d08d3.exe
Size: 231KB
Sample: 220327-vsjlwsfbap
MD5: 20e5ae4397a4ab132e7e8a5f316d08d3
SHA1: f1a05d3426661dad12ea034ac9710c5842923df4
SHA256: b4286bce9138f9c8fff9f8fc2eb4dcda9d48af83c62cf5ea03de48f862b301d9
SHA512: 5b8e49bcf0a1e40f0cde13c6f160e4008d993087bd087f320fd46fcb48d304d890c3e1e5e64b518c5466ab5536cef11dd6c5e0ba30d802e9f0da1d34bd3026fb
Static task
static1
Behavioral task
behavioral1
Sample
20e5ae4397a4ab132e7e8a5f316d08d3.exe
Resource
win7-20220311-en
Malware Config
Extracted
systembc
31.44.185.6:4001
31.44.185.11:4001
Targets
suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
-
suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
-
suricata: ET MALWARE Win32/SystemBC CnC Checkin
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-