General
Target: 3547550900d39131e5f670560072fc4a4314bf3a7b7757c3b3c2fb315b70d9a8
Size: 812KB
Sample: 220619-wtzvyaaec2
MD5: 9de6099c8ff65db0bfea060cdf8cce74
SHA1: e370e6cc97c9be6abf41c142ab69699833488b72
SHA256: 3547550900d39131e5f670560072fc4a4314bf3a7b7757c3b3c2fb315b70d9a8
SHA512: a5c518d53366aa467436c2f02972903d43a988acb6e1d647b49bb949c04b1f316b7eb4c34736b96ae82f5f6262b2b2288556e2b24009df1d9e634a6bbf073f61
Static task: static1
Behavioral task: behavioral1
Sample: 3547550900d39131e5f670560072fc4a4314bf3a7b7757c3b3c2fb315b70d9a8.exe
Resource: win7-20220414-en
Malware Config
Targets
Executes dropped EXE

Loads dropped DLL

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.