General
-
Target
260b0475cb253fdbfe7fcca5da72d654.exe
-
Size
445KB
-
Sample
220825-xjl2rshbek
-
MD5
260b0475cb253fdbfe7fcca5da72d654
-
SHA1
bab9a8096fd77be62e46fbd3d19322798dbf0b2c
-
SHA256
acd5409f9d010cd52931d76e42923387c6e34ca855b5878e13c16a1c2fa99e27
-
SHA512
2521e6e3c0d541d412d7a4f5d233c6a7604969fd17f7f2cc32de9ce4236a8539681aa1d505d7363547a5a9edf44e6b6b7b8101307d02ea7d9e19c3adea48dc15
-
SSDEEP
3072:3owRomXjZLHAJh2DxkUhyvc7kq80CEZ/hs+LZMfKVsvMBOXpWNFCP:vOQBHuU9kfvc7kp+VMKVqsOXpk8
Behavioral task
behavioral1
Sample
260b0475cb253fdbfe7fcca5da72d654.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
260b0475cb253fdbfe7fcca5da72d654.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
matiex
https://api.telegram.org/bot1756187234:AAEwfPYzakHSD2qBn9cgXWrQVwhYmkqQScY/sendMessage?chat_id=1704325017
Targets
-
-
Target
260b0475cb253fdbfe7fcca5da72d654.exe
-
Size
445KB
-
MD5
260b0475cb253fdbfe7fcca5da72d654
-
SHA1
bab9a8096fd77be62e46fbd3d19322798dbf0b2c
-
SHA256
acd5409f9d010cd52931d76e42923387c6e34ca855b5878e13c16a1c2fa99e27
-
SHA512
2521e6e3c0d541d412d7a4f5d233c6a7604969fd17f7f2cc32de9ce4236a8539681aa1d505d7363547a5a9edf44e6b6b7b8101307d02ea7d9e19c3adea48dc15
-
SSDEEP
3072:3owRomXjZLHAJh2DxkUhyvc7kq80CEZ/hs+LZMfKVsvMBOXpWNFCP:vOQBHuU9kfvc7kp+VMKVqsOXpk8
Score10/10-
Matiex Main payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-