General
Target
6c7311e2b17f44d10a2e029e4dce1db59d0b19131c744bb94083baa27badb137
Size
193KB
Sample
220520-qm4mnagfdk
MD5
3f0aa896bd3f89486b42ac379b5e5c8e
SHA1
a3b4b3e308a3194f99d7336ec09448433fed6d65
SHA256
6c7311e2b17f44d10a2e029e4dce1db59d0b19131c744bb94083baa27badb137
SHA512
73217cd491a355d3919595a55683743a6705ee3bf293fcacb909533c671babedca7ba43add73e35e3776093c0656d08f746b591deea3c9c54f8c184d3dd33b73
Static task
static1
Behavioral task
behavioral1
Sample
R3209011873.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
R3209011873.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: mail.metauxsud.com
Port: 587
Username: euro@metauxsud.com
Password: hushpuppy2020
Email To: dollar@metauxsud.com
Targets
Target
R3209011873.exe
Size
555KB
MD5
4c43289546bd0ae785093cf0ef3fba6c
SHA1
8987ba13f0aa35479b67bede2c77cb241f541f77
SHA256
ef7d84f2c3326943fbc546b736b513ceab056aa47bc8146ae205d7d5eac2622e
SHA512
c98a9c2c7a4ea46e59d0daf0e674b629f3abd09a3bb715e7b8f19263482149eb4381471f51047e8568a04547f1a45bf00bea6ea4c43ab46cebcf20b092146980
Score
10/10
Matiex Main Payload
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
Suspicious use of SetThreadContext