General
Target: bbc8642f184ca267648daa057474219899d5ba04f5cef9e530eef99ce1bb9514
Size: 671KB
Sample: 220725-ahvaesehgp
MD5: f6bdf58f0ab7ea76f7527953be3c514f
SHA1: 63f86c1d575bdcf1b6ac196daf5d6d641340e260
SHA256: bbc8642f184ca267648daa057474219899d5ba04f5cef9e530eef99ce1bb9514
SHA512: 9b7eea48364d750f8fb42951f70e8368e8e537389852c62b79c63302e8635bdfd8a99bf462ffee4af595eeebea3053cef14d38f940ab076c114abe5c438a35e3
Behavioral task: behavioral1
Sample: bbc8642f184ca267648daa057474219899d5ba04f5cef9e530eef99ce1bb9514.exe
Resource: win7-20220718-en
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-