Analysis
max time kernel: 118s
max time network: 174s
platform: windows10-2004_x64
resource: win10v2004-20221111-en
resource tags: arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
submitted: 24-11-2022 21:44
Static task: static1 (3 signatures)
Behavioral task: behavioral1
Sample: payload.exe
Resource: win10v2004-20221111-en
1 signature
120 seconds
General
Target: payload.exe
Size: 502KB
MD5: becb2f014c1cbebcad2e3b8388ce3040
SHA1: 96eda53b2dce7058189589d79cdcc0c359de73b8
SHA256: db92de179132a3a9b1172d9cbb40f0720d8a24a1af416c77f15ffa44498ccf44
SHA512: a7201a2ff3a39d0cf47980454ddfa71572dc44ea454a1ad5280058eaeb9610194a710da127f6e5b02637f0a478106bf0c2d761d280ad59854e73ccfec6a00b27
SSDEEP: 6144:rbS/QTjhUqBfxrwEnuNcSsm7IoYGW0VvBXCAt6kihwE+VDpJYWmlwnx9zHj:rQtqB5urTIoYWBQk1E+VF9mOx9P
Score: 6/10
Malware Config
Signatures
Looks up external IP address via web service (1 IoC)
Uses a legitimate IP lookup service to find the infected system's external IP.
Processes:
flow: 47, ioc: whatismyipaddress.com