General
-
Target
04682cf5670dfd8095d1fc9da7ff89f939c73a16c4ebe52dbff7afe5f1a8b89f
-
Size
1.5MB
-
Sample
220527-z2bd4aghbl
-
MD5
b51b126f69022c7f53b4e0c19608be39
-
SHA1
d056133906773404a4524162a21a945d68845554
-
SHA256
04682cf5670dfd8095d1fc9da7ff89f939c73a16c4ebe52dbff7afe5f1a8b89f
-
SHA512
d703cab4c310ee7f65e56356a7d5352b9a1ce3bff073422ffcb5641cb8a2926d436cba0c9290329654de75ab8e765cbf859184ea9a95c886a903104d9fd20fd2
Malware Config
Targets
-
-
Target
04682cf5670dfd8095d1fc9da7ff89f939c73a16c4ebe52dbff7afe5f1a8b89f
-
Size
1.5MB
-
MD5
b51b126f69022c7f53b4e0c19608be39
-
SHA1
d056133906773404a4524162a21a945d68845554
-
SHA256
04682cf5670dfd8095d1fc9da7ff89f939c73a16c4ebe52dbff7afe5f1a8b89f
-
SHA512
d703cab4c310ee7f65e56356a7d5352b9a1ce3bff073422ffcb5641cb8a2926d436cba0c9290329654de75ab8e765cbf859184ea9a95c886a903104d9fd20fd2
Score10/10-
suricata: ET MALWARE APT-C-23 Activity (GET)
suricata: ET MALWARE APT-C-23 Activity (GET)
-
suricata: ET MALWARE Legion Loader Activity Observed (suspira)
suricata: ET MALWARE Legion Loader Activity Observed (suspira)
-
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
-
suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Looks for VMWare Tools registry key
-
Legitimate hosting services abused for malware hosting/C2
-