General
-
Target
4bd72979db980a1f04bef54cd5a277d83422d5353a8453a867b1cd8a9bca446f
-
Size
623KB
-
Sample
220712-khc19aadel
-
MD5
a12c1e631a3dd5e4353bbedf1e6867ea
-
SHA1
fa87b6028a06a220c585d8e0780f89a900909c22
-
SHA256
4bd72979db980a1f04bef54cd5a277d83422d5353a8453a867b1cd8a9bca446f
-
SHA512
cdd52e5cdae0a31a9ac40d58f85f2ca89c5daa5d6d67fc2fac3e0f8ac76442e1ade96a0e6f7738abde977f6e44e261688b30653e426cdde4978f19810488c028
Static task
static1
Behavioral task
behavioral1
Sample
4bd72979db980a1f04bef54cd5a277d83422d5353a8453a867b1cd8a9bca446f.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Target
4bd72979db980a1f04bef54cd5a277d83422d5353a8453a867b1cd8a9bca446f
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-