General
Target: 29419e77b22185d288de119f4a415e5f5aebdd8034ab2fa5afbbca3b6866b20a
Size: 267KB
Sample: 220427-telnnacae2
MD5: 96b1c3d8279ef00b1b8b1e2c4bc64d77
SHA1: d9cece2958797a7fe2895ef9fe9ebdb80717de73
SHA256: 29419e77b22185d288de119f4a415e5f5aebdd8034ab2fa5afbbca3b6866b20a
SHA512: 120778338d6507742dfdf3a911f9c7de509bab853cf6c0332cd936c8ec0bb469e5c26fc1dda4768e66d09f6eadcbd98713efea26c49a35c433a5642e27f79127
Static task: static1
Behavioral task: behavioral1
Sample: 29419e77b22185d288de119f4a415e5f5aebdd8034ab2fa5afbbca3b6866b20a.exe
Resource: win7-20220414-en
Malware Config
Extracted
systembc
advertrex20.xyz:4044
gentexman37.xyz:4044
Targets
Target: 29419e77b22185d288de119f4a415e5f5aebdd8034ab2fa5afbbca3b6866b20a
suricata: ET MALWARE Observed SystemBC CnC Domain in DNS Query
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-