4e64776e3c8b0f6e432fb300b8f7d95b10d1a8ec223d15e1462d64cdde555c50 | Triage

Resubmissions

30-09-2022 10:35

220930-mm59psebhl 6

29-09-2022 13:01

220929-p9fcxaahd8 6

17-12-2021 18:47

211217-xfnq7aegfp 10

16-12-2021 14:14

211216-rj2vbsccc8 10

16-12-2021 14:07

211216-re4s5achhj 10

Sharing

General

Target

RL.exe
Size

333KB
Sample

220929-p9fcxaahd8
MD5

981f7a4bb2592bffcbdf543a742cb1a2
SHA1

64d97d061583e343ce7a02a4b905281d95ff0bba
SHA256

4e64776e3c8b0f6e432fb300b8f7d95b10d1a8ec223d15e1462d64cdde555c50
SHA512

b0be15a1d8a80506de3b615f1c5713a9acaf46b9577187f6c1dbfa6539b0641ebc4c83178a3c4bed2342d5e8bea4c910b30853d1e91b87b824d4f9173b46397b
SSDEEP

6144:Jk2RY4ljn2ESxRTIoWD4BXHOfCzP+52iC3WfiNaw1QDSLk/3U:Jk2RYi6TIoWMZ4GWf19/k

Score

6^/10

Malware Config

Targets

- Target
  
  RL.exe
- Size
  
  333KB
- MD5
  
  981f7a4bb2592bffcbdf543a742cb1a2
- SHA1
  
  64d97d061583e343ce7a02a4b905281d95ff0bba
- SHA256
  
  4e64776e3c8b0f6e432fb300b8f7d95b10d1a8ec223d15e1462d64cdde555c50
- SHA512
  
  b0be15a1d8a80506de3b615f1c5713a9acaf46b9577187f6c1dbfa6539b0641ebc4c83178a3c4bed2342d5e8bea4c910b30853d1e91b87b824d4f9173b46397b
- SSDEEP
  
  6144:Jk2RY4ljn2ESxRTIoWD4BXHOfCzP+52iC3WfiNaw1QDSLk/3U:Jk2RYi6TIoWMZ4GWf19/k
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1