General
-
Target
4c68c1e4fd2d8f01655223f1032b985e0d14a6539d7d9ce6fbf985bdbb04f813
-
Size
1.5MB
-
Sample
220521-b5drmadac4
-
MD5
fe053c8f36f76bdf802410e7b2579093
-
SHA1
0c1aa8abb52946982d7b69f7b85f6b415d6e8705
-
SHA256
4c68c1e4fd2d8f01655223f1032b985e0d14a6539d7d9ce6fbf985bdbb04f813
-
SHA512
b001420472e2cdc90eaf3383d495801ba0c26c87748e22561600a65715166ec610c60dbad143461c0f54ebd44c8da84aeebaa45c31cc6c8c5c6a1b8a28c50f96
Static task
static1
Behavioral task
behavioral1
Sample
file00.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
file00.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
file00.exe
-
Size
5.7MB
-
MD5
54d096ce65a1e470369d4eebed99f339
-
SHA1
0b9e9dda0a265bee3c45b82d38fa8508aa034235
-
SHA256
d680214c548a039dc97e53e8e4a81d25a77cac43cdf7246616b345a70d5bf04a
-
SHA512
c009d1d74cab8d0f12f1c643bf793aa7aafbe9f8f12b517b2f22e28159d1b064653539e265ca946b39f956659a70a0cfd0302f6e1aa4980227d09f2479559319
Score
10/10
-
Matiex Main Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-