General
-
Target
1192f1e83a68ab15df7d769531a9e0801e3885ca255b5e39e6d6efba20a09878
-
Size
685KB
-
Sample
220420-czzbtahea6
-
MD5
c8124c0f1671a392ce37980202516162
-
SHA1
ec724226935f57c12fdfb64c8d6c88eba04496a3
-
SHA256
1192f1e83a68ab15df7d769531a9e0801e3885ca255b5e39e6d6efba20a09878
-
SHA512
6d14ad5d2795f72d83b9a9527654b4a18eaba93531644778260a361b05f6426a53b8dbe158587cfe63f358e001f5aa18d87a2159559fc132ab544a07fb878746
Static task
static1
Behavioral task
behavioral1
Sample
Payment.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Payment.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp- Host:
ebop.website - Port:
587 - Username:
[email protected] - Password:
P@ssw0rdP@ssw0rd
Targets
-
-
Target
Payment.exe
-
Size
740KB
-
MD5
47f7382d70303ac96e6b7dddefcafee6
-
SHA1
e2b9e79894bdf63b6984dc65a40129232357fc97
-
SHA256
5b5a1a7507d3758b05be55fb8218911b700fb933750fb310b454680e580fc58a
-
SHA512
49303f04e9a8546ffb8952be98e12b7008fb236cee21416af281114bd31b58e1f1e90f787a50d78b08f0168f18503ff6d220a6c0493be02b4715c3920a3dc874
Score10/10-
Matiex Main Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-