General
-
Target
0a422188253086dc87c6ca2d436e918b478069fa3480b957a1928f9f6ecae491
-
Size
97KB
-
Sample
220330-jzvrysefaq
-
MD5
73e49c9180be6377ce35469e685724d6
-
SHA1
cc967c46335975279a91df318a37f0091a5a2a9e
-
SHA256
0a422188253086dc87c6ca2d436e918b478069fa3480b957a1928f9f6ecae491
-
SHA512
22dd80c6b17b60ee489830711bffbc90189a8931c2e13640fdfd2c806df435aeef5a2f88a6b9488bcf88af40e994c230938d28824a84ae058341e15472a694f8
Static task
static1
Behavioral task
behavioral1
Sample
0a422188253086dc87c6ca2d436e918b478069fa3480b957a1928f9f6ecae491.exe
Resource
win7-20220331-en
Malware Config
Extracted
systembc
dump17alertos.com:4039
dump17alertos.xyz:4039
Targets
-
Target
0a422188253086dc87c6ca2d436e918b478069fa3480b957a1928f9f6ecae491
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-