General
-
Target
934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
-
Size
90KB
-
Sample
220415-hlwlnaddd6
-
MD5
6091938947f0a7196a622a0986000b7c
-
SHA1
c4fd87b56a47dc806689f585343b3ca3e4e552cd
-
SHA256
934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
-
SHA512
0edc79e4dbba2751021b8cf935aa86d4ee441d79cf15a51647889ec0fdb01d46e314136e625fe394a1594bf45f6e50599a9736fa01d3b8f22a9a073b082e0402
Static task
static1
Behavioral task
behavioral1
Sample
934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790.exe
Resource
win7-20220414-en
Malware Config
Extracted
systembc
advertrex20.xyz:4044
gentexman37.xyz:4044
Targets
-
-
Target
934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
-
Size
90KB
-
MD5
6091938947f0a7196a622a0986000b7c
-
SHA1
c4fd87b56a47dc806689f585343b3ca3e4e552cd
-
SHA256
934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
-
SHA512
0edc79e4dbba2751021b8cf935aa86d4ee441d79cf15a51647889ec0fdb01d46e314136e625fe394a1594bf45f6e50599a9736fa01d3b8f22a9a073b082e0402
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-