da27e4ff9781fc1a50fde66658049715a6cd7c37b0b425cbff7adbce8f155b52 | Triage

Sharing

General

Target

da27e4ff9781fc1a50fde66658049715a6cd7c37b0b425cbff7adbce8f155b52
Size

74KB
Sample

221019-1d3dcahed7
MD5

91d5e72aa96682eb07b15c68303a58c0
SHA1

165339eb7090b4f3c9b32e25f47e16c7b06d3483
SHA256

da27e4ff9781fc1a50fde66658049715a6cd7c37b0b425cbff7adbce8f155b52
SHA512

3a22af6dcd012e02a165e74960f682dcead4ce4f2b87d01ba2e82515f14bbd5e1096c26dd1b541ccfe35a0f83e6f9c85c94bda57b9ee6fc894e1765b59865892
SSDEEP

1536:9KC9NWMm/YzIWkwW4k+iLWom5TqcF6NXqXvdz/lWHu1:ZQxgdWb+iLXNXqXvdz/lQg

Score

8^/10

Malware Config

Targets

- Target
  
  da27e4ff9781fc1a50fde66658049715a6cd7c37b0b425cbff7adbce8f155b52
- Size
  
  74KB
- MD5
  
  91d5e72aa96682eb07b15c68303a58c0
- SHA1
  
  165339eb7090b4f3c9b32e25f47e16c7b06d3483
- SHA256
  
  da27e4ff9781fc1a50fde66658049715a6cd7c37b0b425cbff7adbce8f155b52
- SHA512
  
  3a22af6dcd012e02a165e74960f682dcead4ce4f2b87d01ba2e82515f14bbd5e1096c26dd1b541ccfe35a0f83e6f9c85c94bda57b9ee6fc894e1765b59865892
- SSDEEP
  
  1536:9KC9NWMm/YzIWkwW4k+iLWom5TqcF6NXqXvdz/lWHu1:ZQxgdWb+iLXNXqXvdz/lQg
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2