General
Target: Drone2.exe
Size: 10.8MB
Sample: 221004-ydvmdscedq
MD5: 4c00dff8e0b7b11c3513f1cfb7f8df65
SHA1: edbb16b9932e0e5fbf3ec8801eaced09bbccb03f
SHA256: 61514d3d8c2c14fa94a1574d283257cf80d185aeee3cfb99dcff71c347fa0d8c
SHA512: da8db30d6b96e15db6725e0c0fc7ae01eebc5a75e6ba1192f3d9af0dd6ff3603505f53ef0c7c94efab9cccbfea66bb202a367b6aaa16642491eb6ee4f3140b88
SSDEEP: 196608:nXOUpbDO6DjzpLRUZtO0oAinb9ZJf0W8/La9+x77Sxs5FpjyX9DWC5g:Fpb3dCEb9ZJcW84W7G2PpG4y

Behavioral task: behavioral1
Sample: Drone2.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: Drone2.exe
Score: 8/10

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.