3b242589fdc0ef49a59b2c7c16c4ced15e2105984afe1bae68efd72691bdaca4 | Triage

Sharing

General

Target

3b242589fdc0ef49a59b2c7c16c4ced15e2105984afe1bae68efd72691bdaca4
Size

116KB
Sample

221020-11jvhsgfc3
MD5

7e38f3037021bee6cb5a718e974cc188
SHA1

c5bf5a59f0f7d453b44dfaa7c9b3ef6e062f8611
SHA256

3b242589fdc0ef49a59b2c7c16c4ced15e2105984afe1bae68efd72691bdaca4
SHA512

24674aaf40639166a7e1c9dd56d5f64c075c87db15bbd8ffbd7a2b24ecdde72cb92b9d17f16767b742135a88b425f0baf5ebd2bf4dfc252788f9fa32b330c742
SSDEEP

1536:Et2a6pJxWSGfp5Y9QMoM12G8D/lgbfU3QKSSZBtnGHSes:Et4lR2MoM1dGNgCQ5lHS

Score

8^/10

Malware Config

Targets

- Target
  
  3b242589fdc0ef49a59b2c7c16c4ced15e2105984afe1bae68efd72691bdaca4
- Size
  
  116KB
- MD5
  
  7e38f3037021bee6cb5a718e974cc188
- SHA1
  
  c5bf5a59f0f7d453b44dfaa7c9b3ef6e062f8611
- SHA256
  
  3b242589fdc0ef49a59b2c7c16c4ced15e2105984afe1bae68efd72691bdaca4
- SHA512
  
  24674aaf40639166a7e1c9dd56d5f64c075c87db15bbd8ffbd7a2b24ecdde72cb92b9d17f16767b742135a88b425f0baf5ebd2bf4dfc252788f9fa32b330c742
- SSDEEP
  
  1536:Et2a6pJxWSGfp5Y9QMoM12G8D/lgbfU3QKSSZBtnGHSes:Et4lR2MoM1dGNgCQ5lHS
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2