General
Target: 51781c9e720b7014f6b23fa62f461b5bcb10542c86956e5292f16f74d50c68f8
Size: 5.5MB
Sample: 220511-c69q5agfbn
MD5: 42cdfea930fb09aa3151e14834b44010
SHA1: 40e400ac62713ee717a4e0fcb12c5249851a903d
SHA256: 51781c9e720b7014f6b23fa62f461b5bcb10542c86956e5292f16f74d50c68f8
SHA512: 56aa04e5666ed722913a65c3193f7efacd77280cef26d4109278632c2b34b0b95e6c1221cb1dc276be986ddbeebb14e37a88d6de2d19e818cf7e83bd417b9201
Static task: static1
Behavioral task: behavioral1
Sample: 51781c9e720b7014f6b23fa62f461b5bcb10542c86956e5292f16f74d50c68f8.exe
Resource: win7-20220414-en
Malware Config
Targets
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.