General
Target
7dc7d64d4102b3d131ed39640ba2c5ac043235feeaf223880a783a6b87d3c6b3
Size
129KB
Sample
220508-t21fbscch8
MD5
6a122e54deeb8a43546f3c638bdad976
SHA1
fa47f6e797541e61050ad7e43822c931f8771b41
SHA256
7dc7d64d4102b3d131ed39640ba2c5ac043235feeaf223880a783a6b87d3c6b3
SHA512
abd86940d715ca0757ca485a4c8c9e823d236ea92db87f131dc0990e2e79095c627aa243017f439840fc17bdb9cea882ae84a310101c024ba62a94ce1850175b
Static task
static1
Behavioral task
behavioral1
Sample
7dc7d64d4102b3d131ed39640ba2c5ac043235feeaf223880a783a6b87d3c6b3.exe
Resource
win7-20220414-en
Malware Config
Extracted
systembc
dasd13d.com:4035
dasd13d.xyz:4035
Targets
Target
7dc7d64d4102b3d131ed39640ba2c5ac043235feeaf223880a783a6b87d3c6b3
Executes dropped EXE

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.