General
Target: af395a3a35d12ab4f9955a9550224c210ad1297714270a96550ba65397b3214a
Size: 5.2MB
Sample: 220502-srmwtagae2
MD5: e884174691d4097c7ae04b437cc03b74
SHA1: ee9cfd12153e37d02e5c095189e364e42fe329ab
SHA256: af395a3a35d12ab4f9955a9550224c210ad1297714270a96550ba65397b3214a
SHA512: 36b30067cf28c44be5b7da4920cda6e33f9029c701de2e142eba0538b06bcc7b8b03d065d7c099b15124cbad02da35dc5f18c3371cab0e8c83ff87fd00901440
Static task: static1
Behavioral task: behavioral1
Sample: af395a3a35d12ab4f9955a9550224c210ad1297714270a96550ba65397b3214a.exe
Resource: win7-20220414-en
Malware Config
Targets
-
-
Target
af395a3a35d12ab4f9955a9550224c210ad1297714270a96550ba65397b3214a
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-