General
-
Target
ee99bc6af133dcf82be60f53a74e7bdf66406c93d5961adcc8970c322f78c3df
-
Size
498KB
-
Sample
220725-ffwncsfcg2
-
MD5
7b3e3aa6979158c6c1233a3ba57a0f79
-
SHA1
5eae3e768bc8c12076642e890378d0509165d294
-
SHA256
ee99bc6af133dcf82be60f53a74e7bdf66406c93d5961adcc8970c322f78c3df
-
SHA512
791be27d308ee8f946b6b874d0808799e1f2b0f2dfde82dae29af345a0de4eb48ed195dbd3bc2db1f203441c1e6322e568c8d99cc9390028a489dd5dd171418f
Static task
static1
Behavioral task
behavioral1
Sample
ee99bc6af133dcf82be60f53a74e7bdf66406c93d5961adcc8970c322f78c3df.exe
Resource
win7-20220715-en
Malware Config
Targets
-
Target
ee99bc6af133dcf82be60f53a74e7bdf66406c93d5961adcc8970c322f78c3df
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-