General

  • Target

    c3692e26f072049f0cccf4f0c3eb69d66dcc0f5d51877b9715d9f1ef11d06a48

  • Size

    725KB

  • Sample

    220725-feey8afddq

  • MD5

    cafc3b89b90c54612b159dd4c2214046

  • SHA1

    e69f0389cbe8d4d769392c335f1fef9e2757b671

  • SHA256

    c3692e26f072049f0cccf4f0c3eb69d66dcc0f5d51877b9715d9f1ef11d06a48

  • SHA512

    8b8c121a16b7ffa4662d8772f731b74a0c7928742a09fb0a0116dfb9ee1ef127e7386cbe6dce750d14beebeb2d4f7fd1cc682789efd1b4cf6eb460243de8b9dc
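
Before acting on a report like this, confirm that the file you are holding is the one described by recomputing every digest rather than trusting the filename. The following check is an added example (not part of the sandbox report or its tooling); it embeds the report's own MD5, SHA1, SHA256 and SHA512 values and compares them against whatever bytes or file you pass in. `verify_file` streams the file in chunks so it also works on large samples.

```python
import hashlib

# Digests copied from the report's General section.
REPORT_DIGESTS = {
    "md5": "cafc3b89b90c54612b159dd4c2214046",
    "sha1": "e69f0389cbe8d4d769392c335f1fef9e2757b671",
    "sha256": "c3692e26f072049f0cccf4f0c3eb69d66dcc0f5d51877b9715d9f1ef11d06a48",
    "sha512": (
        "8b8c121a16b7ffa4662d8772f731b74a0c7928742a09fb0a0116dfb9ee1ef127"
        "e7386cbe6dce750d14beebeb2d4f7fd1cc682789efd1b4cf6eb460243de8b9dc"
    ),
}


def digests(data: bytes, algos=tuple(REPORT_DIGESTS)) -> dict:
    """Compute hex digests of an in-memory byte string for each named algorithm."""
    return {name: getattr(hashlib, name)(data).hexdigest() for name in algos}


def verify(data: bytes, expected: dict = REPORT_DIGESTS) -> dict:
    """Per-algorithm comparison of computed digests against the report's values."""
    actual = digests(data, tuple(expected))
    return {name: actual[name] == expected[name].lower() for name in expected}


def matches_report(data: bytes, expected: dict = REPORT_DIGESTS) -> bool:
    """True only if every digest in the report matches; one mismatch is a different file."""
    return all(verify(data, expected).values())


def verify_file(path: str, expected: dict = REPORT_DIGESTS, chunk: int = 1 << 20) -> dict:
    """Same check for a file on disk, hashed incrementally so large samples fit in memory."""
    hashers = {name: getattr(hashlib, name)() for name in expected}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: hashers[name].hexdigest() == expected[name].lower() for name in expected}


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-sample>
    results = verify_file(sys.argv[1])
    for name, ok in results.items():
        print(f"{name:6s} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

A partial match (say, MD5 agrees but SHA256 does not) should be treated as a different file, not as a near miss; the exit status above is non-zero unless all four agree.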

Score
10/10

Malware Config

Targets

    • Target

      c3692e26f072049f0cccf4f0c3eb69d66dcc0f5d51877b9715d9f1ef11d06a48

    • Size

      725KB

    • MD5

      cafc3b89b90c54612b159dd4c2214046

    • SHA1

      e69f0389cbe8d4d769392c335f1fef9e2757b671

    • SHA256

      c3692e26f072049f0cccf4f0c3eb69d66dcc0f5d51877b9715d9f1ef11d06a48

    • SHA512

      8b8c121a16b7ffa4662d8772f731b74a0c7928742a09fb0a0116dfb9ee1ef127e7386cbe6dce750d14beebeb2d4f7fd1cc682789efd1b4cf6eb460243de8b9dc

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Queries a legitimate public IP lookup service to learn the infected system's external IP address. The request itself is benign, which is why the destination hostname, not the payload, is the detection opportunity.

    • Uses Tor communications

      Proxies its traffic through Tor so that the command-and-control endpoint is not exposed in network captures; this is what maps the sample to ATT&CK T1090 (Connection Proxy) below.
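
Both network signatures above can be reproduced from the sandbox's own traffic log without any signature engine. The detector below is an added example written for this page, not the sandbox's implementation: it runs over a few constructed log lines in a simplified `dns query <host>` / `tcp <src>:<port> -> <dst>:<port>` format (an assumption, not the sandbox's real log schema), flags hostnames of well-known IP lookup services, and flags Tor indicators (`.onion` names and the ports Tor commonly uses for relay, directory and local SOCKS traffic). The port list is a heuristic and is labelled as such; a port hit alone is weak evidence.

```python
import re
from collections import defaultdict

# Public "what is my IP" services. Assumption: a representative list for the
# example, not the sandbox's own signature data.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipify.org", "icanhazip.com", "ifconfig.me",
    "checkip.amazonaws.com", "checkip.dyndns.org", "ip-api.com",
    "ipinfo.io", "ipecho.net", "whatismyipaddress.com",
}

# Ports Tor commonly uses (OR 9001, directory 9030, local SOCKS 9050/9051/9150).
# Heuristic only: legitimate software can use these ports too.
TOR_PORTS = {9001, 9030, 9050, 9051, 9150}

# Only the Tor signature maps to a technique in the report's ATT&CK matrix.
ATTACK_MAP = {"tor_proxy": "T1090"}

# Assumed, simplified log line formats for this example.
DNS_RE = re.compile(r"^dns\s+query\s+(?P<host>\S+)$")
TCP_RE = re.compile(
    r"^tcp\s+(?P<src>[\d.]+):(?P<sport>\d+)\s*->\s*(?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def classify_line(line: str):
    """Return (signature, evidence) for one log line, or None if nothing matched."""
    line = line.strip()
    m = DNS_RE.match(line)
    if m:
        host = m.group("host").lower().rstrip(".")
        if host.endswith(".onion"):
            return ("tor_proxy", host)
        if host in IP_LOOKUP_HOSTS or any(host.endswith("." + h) for h in IP_LOOKUP_HOSTS):
            return ("ip_lookup", host)
        return None
    m = TCP_RE.match(line)
    if m:
        dport = int(m.group("dport"))
        if dport in TOR_PORTS:
            return ("tor_proxy", f"{m.group('dst')}:{dport}")
    return None


def detect(lines) -> dict:
    """Aggregate evidence per signature, preserving log order."""
    hits = defaultdict(list)
    for line in lines:
        result = classify_line(line)
        if result:
            sig, evidence = result
            hits[sig].append(evidence)
    return dict(hits)


def attack_techniques(hits: dict) -> list:
    """Technique IDs implied by the triggered signatures (from the report's matrix)."""
    return sorted({ATTACK_MAP[sig] for sig in hits if sig in ATTACK_MAP})


# Constructed sample log using RFC 5737 documentation addresses; not real traffic.
SAMPLE_LOG = [
    "dns query api.ipify.org",
    "tcp 10.0.0.5:49712 -> 192.0.2.10:80",
    "dns query www.example.com",
    "tcp 10.0.0.5:49713 -> 198.51.100.7:9001",
    "dns query abcdefghijklmnop.onion",
    "tcp 10.0.0.5:49714 -> 203.0.113.9:443",
]

if __name__ == "__main__":
    hits = detect(SAMPLE_LOG)
    for sig, evidence in hits.items():
        print(f"{sig}: {', '.join(evidence)}")
    print("ATT&CK:", ", ".join(attack_techniques(hits)))
```

Running it on the constructed log reports one `ip_lookup` hit (the ipify query) and two `tor_proxy` hits (the 9001 connection and the `.onion` lookup), and resolves the Tor evidence to T1090, the only technique the report lists.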

MITRE ATT&CK Matrix (ATT&CK v6)

Command and Control

    • Connection Proxy (T1090): 1 matching signature

Tasks