General
- Target: db9e7cbd83ba39269ca1bdcd0950ff8d620511999d66d9ecea3c572d40aea506
- Size: 4.2MB
- Sample: 220521-m36keadaa7
- MD5: 37370eceaf48033001671cb3566e0927
- SHA1: 47941e3b617b2f5e59a3e313694f2c7422569698
- SHA256: db9e7cbd83ba39269ca1bdcd0950ff8d620511999d66d9ecea3c572d40aea506
- SHA512: 9c574967b1e07f304730e87df8c99419ca3c94b20b5fad408a8ec9b0c89f39426cd02bc3b5b21bac49ca62a431eda16761e417ac75b1407d31c8a038b13a63d4
Static task: static1
Behavioral task: behavioral1
- Sample: db9e7cbd83ba39269ca1bdcd0950ff8d620511999d66d9ecea3c572d40aea506.exe
- Resource: win7-20220414-en
Behavioral task: behavioral2
- Sample: db9e7cbd83ba39269ca1bdcd0950ff8d620511999d66d9ecea3c572d40aea506.exe
- Resource: win10v2004-20220414-en
Malware Config
Targets
- Target: db9e7cbd83ba39269ca1bdcd0950ff8d620511999d66d9ecea3c572d40aea506
Score: 8/10
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.