General
Target: ef12c751bb9d44b426bd66f656db123b054e7f9d0defa006369ac12c490cada0
Size: 445KB
Sample: 220724-rjx65sfbb6
MD5: 3e31963742308f6e8df538854490df9d
SHA1: 9a6d43d5bddbbd42ba84ba2792f60a4ae9d49087
SHA256: ef12c751bb9d44b426bd66f656db123b054e7f9d0defa006369ac12c490cada0
SHA512: 8703450533e1dc7e62914ad862552d4019fc37dbf2b895c261a1a554311a0304b1e5370e1fbeafe2fdeec635b6b860c7912948d37e8eb64f1f4e53ac2b8737ba
Static task: static1
Behavioral task: behavioral1
Sample: ef12c751bb9d44b426bd66f656db123b054e7f9d0defa006369ac12c490cada0.exe
Resource: win7-20220718-en
Malware Config
Targets
Target: ef12c751bb9d44b426bd66f656db123b054e7f9d0defa006369ac12c490cada0
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.