General
Target: 4d586a534d4ac3e4f084ee1f29a51856b2c316fe7745bb0cfbf13447fa3291dd
Size: 168KB
Sample: 220419-gtpbwabgg8
MD5: a554fcbe9859c314ee657507f58bd1ab
SHA1: 3355e28863ab4391e9bba4cf95c214acd44207c1
SHA256: 4d586a534d4ac3e4f084ee1f29a51856b2c316fe7745bb0cfbf13447fa3291dd
SHA512: f5e6ebd159ec20352162837750fc6f7d45db6927ed54d75d41ab67d21e45113b596073c23e71ea39cfbe2aaf27bd46c75e2de656d63b254a1eaf208420471673
Static task: static1
Behavioral task: behavioral1
Sample: 4d586a534d4ac3e4f084ee1f29a51856b2c316fe7745bb0cfbf13447fa3291dd.exe
Resource: win7-20220414-en
Malware Config
Extracted
systembc
26asdcgd.com:4039
26asdcgd.xyz:4039
Targets
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-