General

  • Target

    Dronetry2.exe

  • Size

    10.8MB

  • Sample

    221002-y1pdwshbc4

  • MD5

    cfce3107302d310b8669783e8428d2ea

  • SHA1

    a5bc70eff905ba0523922e1576afd693774d8c74

  • SHA256

    102ad5542ced0ce7a762685d7c0b9437b721789185609ef5d97b6236e6679fe8

  • SHA512

    2f0ead5ff5b43e0ed35f6b961c052ee021bc2c44027afdbc3d53cc396fa5e1a923a7b8b0af4a784326e6b21bb30726ab504be9e5dfd5c17d0ac2279ba429a31f

  • SSDEEP

    196608:rPmXUpbDO6DjzpLRUZtO0oAinb4A2Jf0W8/LaL+s77Sxs5FpjUX9DkCPc:Rpb3dCEb4A2JcW8aR7G2PpkKc

Score
8/10

Malware Config

Targets

    • Target

      Dronetry2.exe

    • Size

      10.8MB

    • MD5

      cfce3107302d310b8669783e8428d2ea

    • SHA1

      a5bc70eff905ba0523922e1576afd693774d8c74

    • SHA256

      102ad5542ced0ce7a762685d7c0b9437b721789185609ef5d97b6236e6679fe8

    • SHA512

      2f0ead5ff5b43e0ed35f6b961c052ee021bc2c44027afdbc3d53cc396fa5e1a923a7b8b0af4a784326e6b21bb30726ab504be9e5dfd5c17d0ac2279ba429a31f

    • SSDEEP

      196608:rPmXUpbDO6DjzpLRUZtO0oAinb4A2Jf0W8/LaL+s77Sxs5FpjUX9DkCPc:Rpb3dCEb4A2JcW8aR7G2PpkKc

    Score
    8/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix ATT&CK v6

Command and Control

Web Service

1
T1102

Tasks