General
-
Target
ac2071e4dc5422825963da4f321466c4d3376498902b0ea1aa56e1e6ef576572
-
Size
3.4MB
-
Sample
220502-ahak1sfca3
-
MD5
1dc00acdb581b52fbc009ffa34997d8e
-
SHA1
141f592b11ec85b523d5bd56905a54956e20a4b6
-
SHA256
ac2071e4dc5422825963da4f321466c4d3376498902b0ea1aa56e1e6ef576572
-
SHA512
168f48276a5dd084351340ec34af97c6a6c189ba6f614af2046d31ba12d50cdda71a7f23f2ee1e50030f9d060e5bd5a3fe32e76d87ab7e0313dd237238bb92ab
Static task
static1
Behavioral task
behavioral1
Sample
ac2071e4dc5422825963da4f321466c4d3376498902b0ea1aa56e1e6ef576572.dll
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
ac2071e4dc5422825963da4f321466c4d3376498902b0ea1aa56e1e6ef576572
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-