General
Target

1e9fc7f32bd5522dd0222932eb9f1d8bd0a2e132c7b46cfcc622ad97831e6128.bin

Size

352KB

Sample

220610-pp53tsfdf7

Score
10/10
MD5

5a7a90ceb6e7137c753d8de226fc7947

SHA1

204a603c409e559b65c35208200a169a232da94c

SHA256

1e9fc7f32bd5522dd0222932eb9f1d8bd0a2e132c7b46cfcc622ad97831e6128

SHA512

a1f8dcf279b0f0b74d4e7890f118bbf27d0c20da75ebb670c0ee41dae6e16eae86c05fea5a6b51756b93360b8965545c3bde76b2beefeebed44a19fa42af79ed

Malware Config
Targets
Target

1e9fc7f32bd5522dd0222932eb9f1d8bd0a2e132c7b46cfcc622ad97831e6128.bin

MD5

5a7a90ceb6e7137c753d8de226fc7947

Filesize

352KB

Score
10/10
SHA1

204a603c409e559b65c35208200a169a232da94c

SHA256

1e9fc7f32bd5522dd0222932eb9f1d8bd0a2e132c7b46cfcc622ad97831e6128

SHA512

a1f8dcf279b0f0b74d4e7890f118bbf27d0c20da75ebb670c0ee41dae6e16eae86c05fea5a6b51756b93360b8965545c3bde76b2beefeebed44a19fa42af79ed

Tags

Signatures

  • Detect WinDealer information stealer

    Tags

  • WinDealer

    Description

    WinDealer is an info stealer used by LuoYu group.

    Tags

  • suricata: ET MALWARE Win32/WinDealer CnC Activity (Checkin)

    Description

    suricata: ET MALWARE Win32/WinDealer CnC Activity (Checkin)

    Tags

  • Looks up external IP address via web service

    Description

    Uses a legitimate IP lookup service to find the infected system's external IP.

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1

                        Score
                        N/A

                        behavioral1

                        Score
                        10/10

                        behavioral2

                        Score
                        10/10