General
Target
12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571
Size
185KB
Sample
220521-bjxydafaar
MD5
80d95f54fb018493a44ecd0b767488ee
SHA1
ba21da1c9929d198428f1027e8977710260e876c
SHA256
12c3cd6afeb0da63f0ef22c0f430665a489d477876fb97f55fb4466badd21571
SHA512
2a711052ee0ab534006ba9ec32d45fb1634b87fbab663cbc6c7fd6908c4006590e3bb1d9bbcf8b931d6cbed761ce39bc39df18bf312bf8338e724e5e0745c349
Static task
static1
Behavioral task
behavioral1
Sample
R980533211.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
R980533211.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
matiex
Protocol: smtp
Host: mail.metauxsud.com
Port: 587
Username: euro@metauxsud.com
Password: hushpuppy2020
Email To: dollar@metauxsud.com
Targets
Target
R980533211.exe
Size
652KB
MD5
cea5d13da191b583af960af626f06c19
SHA1
a778bf24076a24e501a2f4db102cfdac413bb566
SHA256
cca5e12f1d9a4823e1188c7af7f66e51299fa975f0a4f40062808bc7c5fc4001
SHA512
2c6fb4c9c0eb6f287bf7353f8d3f274c9b7f75656b4f6a4d021c3b3def7af8214d02f23d2db6b27bfe42b4f291ff2fb81ce748492fc3faebfebd5103c13bb9bc
Score: 10/10

Matiex Main Payload

Accesses Microsoft Outlook profiles

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Suspicious use of SetThreadContext