General
Target: b1dd18e76c03df66c80e63806ab5e7117232c22dfbd5c275d4aea13da9a3bf69
Size: 331KB
Sample: 220418-l8n2wabaer
MD5: 5141357dda4fab9146a6724f8793f634
SHA1: 05ff08362df5e50e457cfa10c4c6b730ca722ea9
SHA256: b1dd18e76c03df66c80e63806ab5e7117232c22dfbd5c275d4aea13da9a3bf69
SHA512: 1a4d16fb1d0633909f8551d9095dd708966b4cba47ce8c3504fda3456c290ba685cd0e234a9fe98a78913eb19193877f014ca74c22090592ddccdba1d92f43be
Static task: static1
Behavioral task: behavioral1
Sample: b1dd18e76c03df66c80e63806ab5e7117232c22dfbd5c275d4aea13da9a3bf69.exe
Resource: win7-20220414-en
Malware Config
Extracted
systembc
26asdcgd.com:4039
26asdcgd.xyz:4039
Targets
Target: b1dd18e76c03df66c80e63806ab5e7117232c22dfbd5c275d4aea13da9a3bf69
Executes dropped EXE

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.