General
Target: ac755e035a8d5d91395277e4283d83198e820d743924698b863439aa8a82a340
Size: 963KB
Sample: 220508-g8q41shdc6
MD5: 99d104f5701496f3e10e96cfa898a50d
SHA1: 6f83c38fcb9c2fecc06875854ea9e3cd91d3a973
SHA256: ac755e035a8d5d91395277e4283d83198e820d743924698b863439aa8a82a340
SHA512: 3285507f051a27eb1f37e774ea004ccb28ab94fa764ca0a45c06d4d6ed8c9b02be7a5e11749f721ac4f115296e32cc4308b90b91d1e94663beef9809f8788eec
Static task: static1
Behavioral task: behavioral1
Sample: ac755e035a8d5d91395277e4283d83198e820d743924698b863439aa8a82a340.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: ac755e035a8d5d91395277e4283d83198e820d743924698b863439aa8a82a340.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: us2.smtp.mailhostbox.com
Port: 587
Username: [email protected]
Password: ze5qw@iC?1E}
Targets
Target: ac755e035a8d5d91395277e4283d83198e820d743924698b863439aa8a82a340
Score: 10/10
Matiex Main Payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext