General
Target: 5540ebd0c042474a8831fa85f22af31bf269a7c5293b3b17a673a1c9f5de78a5
Size: 2.5MB
Sample: 220725-t3nsxsedc4
MD5: 60603c03611bec2d605fd134af541c41
SHA1: 97ea9b13dc1f7ee2b9ad231571ec4cfa6e2186fb
SHA256: 5540ebd0c042474a8831fa85f22af31bf269a7c5293b3b17a673a1c9f5de78a5
SHA512: 793d8e0f5fb692236ef2678eb7a6e5e8e7af588a82238ba89ab3b1eaf588372dd31c16946ffd3be30c03bea0aee580bfb07333bcd8a2d464a52e15a319b435ed
Static task: static1
Behavioral task: behavioral1
Sample: 5540ebd0c042474a8831fa85f22af31bf269a7c5293b3b17a673a1c9f5de78a5.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 5540ebd0c042474a8831fa85f22af31bf269a7c5293b3b17a673a1c9f5de78a5.exe
Resource: win10v2004-20220721-en
Malware Config
Targets
Target: 5540ebd0c042474a8831fa85f22af31bf269a7c5293b3b17a673a1c9f5de78a5
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.