General

  • Target

    0a22badfd2f33aebe32d4689f11abbc31211d5ae

  • Size

    1.4MB

  • Sample

    220704-lebjpaabg2

  • MD5

    10bdc120c93912b9b937ad16cc7a13c9

  • SHA1

    0a22badfd2f33aebe32d4689f11abbc31211d5ae

  • SHA256

    dfb89b62125470adc70f0e24636633c45d0841aa8e84d09b6bab99f437e2f576

  • SHA512

    6b438edf1e591f485974085959634265096a42ef6148c74fe125f622e1f9667e543952fae8ee812d02990ca2566435a44b161383c3fcb58cfe4bb65f6c58530d

Score
10/10

Malware Config

Targets

    • Target

      0a22badfd2f33aebe32d4689f11abbc31211d5ae

    • Size

      1.4MB

    • MD5

      10bdc120c93912b9b937ad16cc7a13c9

    • SHA1

      0a22badfd2f33aebe32d4689f11abbc31211d5ae

    • SHA256

      dfb89b62125470adc70f0e24636633c45d0841aa8e84d09b6bab99f437e2f576

    • SHA512

      6b438edf1e591f485974085959634265096a42ef6148c74fe125f622e1f9667e543952fae8ee812d02990ca2566435a44b161383c3fcb58cfe4bb65f6c58530d

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Matrix ATT&CK v6

Command and Control

Connection Proxy

1
T1090

Tasks