General
-
Target
Setup.exe
-
Size
21.6MB
-
Sample
220930-y8mj9sffgm
-
MD5
5b10662febd8155eada7f2cfdecbc7b2
-
SHA1
daf637e0cdc079750e476d73a5a3ad7888148923
-
SHA256
9eb53efdc3cbaae173771f99a730a2d5e164d8889cbc9dcba699bf416d4596a5
-
SHA512
fbb00245cf3dce6f25c5b999f0d0dfbb3fed11fe52a9c42b6bdf92d4aa70644b0b4ee3cdef42068252c7164364ab059af354b93fa6bfd5dba93e21fa377c5963
-
SSDEEP
393216:sixdyJhoonHWpOnz6L2Vmd6mI/m3pwc/eO47G99M9BJHOaJvwKDY+4prMLjbSJ9:sizyJ+UHg4GyVmdSKwuP+1jvYKTS7
Malware Config
Targets
-
Target
Setup.exe
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-