General
-
Target
Drone2.exe
-
Size
10.8MB
-
Sample
221009-znbspshgg6
-
MD5
5cef302d562e2569becff909686b8ea1
-
SHA1
05bf0f255af36041d5eaf06adb4f2750b0581485
-
SHA256
47efb225bf6f1204d7d0be764d4611b5ee8c3ae8a66132ef1dcecc426925b365
-
SHA512
2374f87f4648cec0e3c92b6469aa24be8cdd1b729399d6c96a9a57d92dc275de21a8e77cbeedb6ee5984377c40864bf8d6788aeaf74d0d03a67c99eb920b6081
-
SSDEEP
196608:NcoUpbDO6DjzpLRUZtO0oAinbazJf0W8/LaK+E77S/s5Fpj0X9D9CPP:Kpb3dCEboJcW8bx7G0Ppc/c
Behavioral task
behavioral1
Sample
Drone2.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
Drone2.exe
-
Size
10.8MB
-
MD5
5cef302d562e2569becff909686b8ea1
-
SHA1
05bf0f255af36041d5eaf06adb4f2750b0581485
-
SHA256
47efb225bf6f1204d7d0be764d4611b5ee8c3ae8a66132ef1dcecc426925b365
-
SHA512
2374f87f4648cec0e3c92b6469aa24be8cdd1b729399d6c96a9a57d92dc275de21a8e77cbeedb6ee5984377c40864bf8d6788aeaf74d0d03a67c99eb920b6081
-
SSDEEP
196608:NcoUpbDO6DjzpLRUZtO0oAinbazJf0W8/LaK+E77S/s5Fpj0X9D9CPP:Kpb3dCEboJcW8bx7G0Ppc/c
Score8/10-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-