Resubmissions

  • 03/10/2022, 15:21  221003-srq88scgbp  (score 8)

  • 03/10/2022, 15:19  221003-sqdlraced3  (score 8)

General

  • Target: IP launcher.exe

  • Size: 30.4MB

  • Sample: 221003-sqdlraced3

  • MD5: 8c12b2da2f841a812970b46d29cceb64

  • SHA1: 503b85e72142ef45ba84496471776b3c371eaed3

  • SHA256: b8ffdb4e3ea2fa2a14cd9f014d1f13f7a3ea6a31a6b9701ece36253f852b25a9

  • SHA512: 4146da37cbad93518b4f7e19c971d790fe7dfb3fcf8ceeb56d5c2cfa7f81c2ed75955bc46c41a0abdb86c0e48f379816a308bfcee1673ac5f775286da8259869

  • SSDEEP: 786432:ne22mP80thrMsQz8hM1KcIqjZJxXpKqrd5ABHjMn4i:ne22AismTIqRXfrbABHID

  • Score: 8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.

    • Maps connected drives based on registry: disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Enterprise v6

Tasks