General
-
Target
fake.exe
-
Size
9.4MB
-
Sample
220923-ryblpaaehl
-
MD5
f1ae64564f4ce453fe38af402d5e69de
-
SHA1
d7dc73d3db53ca30f9c908075d6f82dd43f9b07c
-
SHA256
56141f180e5e98b673857b278c978954f5086d268c7c7040f33937376fe77f0f
-
SHA512
e9caa5d1a44a23eae9270079f9d872f5e08f9177090a3b13caedb0c3733ef430892fa716dff22f6b3d16a65107962beceabea67c41ca364b4ad93bf59c31bcea
-
SSDEEP
196608:TnchbczDIfTKC0U2whym8WUfUv6wq4GAwPgTg0vVl6JXZoJCXYbAJp9EKnl6U:TubwIfTOU2whyalS9Yi0v76JycXYEJpV
Behavioral task
behavioral1
Sample
fake.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
fake.exe
-
Size
9.4MB
-
MD5
f1ae64564f4ce453fe38af402d5e69de
-
SHA1
d7dc73d3db53ca30f9c908075d6f82dd43f9b07c
-
SHA256
56141f180e5e98b673857b278c978954f5086d268c7c7040f33937376fe77f0f
-
SHA512
e9caa5d1a44a23eae9270079f9d872f5e08f9177090a3b13caedb0c3733ef430892fa716dff22f6b3d16a65107962beceabea67c41ca364b4ad93bf59c31bcea
-
SSDEEP
196608:TnchbczDIfTKC0U2whym8WUfUv6wq4GAwPgTg0vVl6JXZoJCXYbAJp9EKnl6U:TubwIfTOU2whyalS9Yi0v76JycXYEJpV
Score7/10-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-