General
- Target: b925c85f01a5623f5c117ef862984252376c761f3ab5a3413c217823c1a67421
- Size: 724KB
- Sample: 220724-v12gnscfgj
- MD5: d3a09aed1ef8d187dbdb7a425058ffc3
- SHA1: 2904d28d295160f8ac6ae4234e9c9cfd3af5f680
- SHA256: b925c85f01a5623f5c117ef862984252376c761f3ab5a3413c217823c1a67421
- SHA512: 6bbeca556699d36672b46b476d1d5ca8ae9ed95627afea53054c99e2cee6140409a23603ecb96a1d6f59d257f24d2303b2c2fca1600b56ef15dfb11bbb00883b
Static task: static1
Behavioral task: behavioral1
Sample: b925c85f01a5623f5c117ef862984252376c761f3ab5a3413c217823c1a67421.exe
Resource: win7-20220718-en
Malware Config
Targets
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications: Malware can proxy its traffic through Tor for more anonymity.