General
-
Target
Document.exe
-
Size
14.1MB
-
Sample
220907-ypwc3achd3
-
MD5
5210735409235c1aaf674fefddd33e35
-
SHA1
7c75657618cdeb21eedd587d960a608c4ead60f1
-
SHA256
053e7603d2776f39c17d74cd5a095d2fa4727ce019cb91274c135be4b9732358
-
SHA512
e382f86366f1a5dc7f665dd19e48410e69614cced4b5cb2deabec58e4b948906d34df42195010ea3a58e5c63579f042b0b6eb8e2f70c99d9b013d776f098985d
-
SSDEEP
393216:HlCtPYZxlHOFyCEDmlh2pNH2ciIrHWiCecGa9+L9:HPBzCEDUQpNkILexGog
Malware Config
Targets
-
-
Target
Document.exe
-
Size
14.1MB
-
MD5
5210735409235c1aaf674fefddd33e35
-
SHA1
7c75657618cdeb21eedd587d960a608c4ead60f1
-
SHA256
053e7603d2776f39c17d74cd5a095d2fa4727ce019cb91274c135be4b9732358
-
SHA512
e382f86366f1a5dc7f665dd19e48410e69614cced4b5cb2deabec58e4b948906d34df42195010ea3a58e5c63579f042b0b6eb8e2f70c99d9b013d776f098985d
-
SSDEEP
393216:HlCtPYZxlHOFyCEDmlh2pNH2ciIrHWiCecGa9+L9:HPBzCEDUQpNkILexGog
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-