General
-
Target
b2fddc79dd5fbe683e9b8737304494e5b5ebf993382714f3a27c045cb3d7f816
-
Size
89KB
-
Sample
220418-bpghksdebp
-
MD5
ef794afbd770b7ee3c8a9ccffb9810fe
-
SHA1
1bc62eeef9f672fbde7df2de77b15b25dbc87610
-
SHA256
b2fddc79dd5fbe683e9b8737304494e5b5ebf993382714f3a27c045cb3d7f816
-
SHA512
bc2539be88630e38ebbf27ee603c666815be68f3a45a0b8c04e2df59c77fba094f71f5e1f40789ac558201e7a183b63a379526848cfb35ea724464ee3436d47d
Static task
static1
Behavioral task
behavioral1
Sample
b2fddc79dd5fbe683e9b8737304494e5b5ebf993382714f3a27c045cb3d7f816.exe
Resource
win7-20220414-en
Malware Config
Extracted
systembc
23hfdne.com:4035
23hfdne.xyz:4035
Targets
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-