General

  • Target

    36b941030a351980814b5e31063e26e66acff034a872b33609e45d8cea892b61

  • Size

    659KB

  • Sample

    221107-hppyaafddp

  • MD5

    3e7be76f29c24b8c2335227e59012882

  • SHA1

    fc15731a06465033bb74200b9541d5851a815fdd

  • SHA256

    36b941030a351980814b5e31063e26e66acff034a872b33609e45d8cea892b61

  • SHA512

    afdcf493905e1980bb8064416e74d7cfcaa72422e34c0229d5d19c66b56bc16613c9337081c92e161aca5ca6590c4bb8776b22a57e8c5997478040ad0e71601a

  • SSDEEP

    12288:8saCmRylvwCooDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDz:bs/Lx+kqoU

Score
8/10

Targets

    • Target

      36b941030a351980814b5e31063e26e66acff034a872b33609e45d8cea892b61

    • Executes dropped EXE

    • Stops running service(s)

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
