911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3 | Triage

Submit
Reports

Overview

overview

8

Static

static

911c634ae5...d3.exe

windows7-x64

8

911c634ae5...d3.exe

windows10-2004-x64

8

Sharing

General

Target

911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3
Size

512KB
Sample

221124-jawb7agg94
MD5

7b7c92f2255a5baee981af9737366dd1
SHA1

7efd6b6cf514362190df2d830c96f73597e83489
SHA256

911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3
SHA512

b70f0bd0b9d660a1ac54e538da7c9d68b65f879acaaaa355f5f91cb85aa370d339dae502544b3852532e65986b758025bd127440832b988712c86cedb82265af
SSDEEP

6144:UHFzKyizsjFNRfTV5HZ7dmuvvUf84t+ux9ScKLD62L:UHFmlzsjXL55ZmyvUf8bux9WD62L

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3.exe

Resource

win7-20220812-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3
- Size
  
  512KB
- MD5
  
  7b7c92f2255a5baee981af9737366dd1
- SHA1
  
  7efd6b6cf514362190df2d830c96f73597e83489
- SHA256
  
  911c634ae5c60d04ee20c59a996d79db490e069d4ab16aa2ef0e8defe1d3bad3
- SHA512
  
  b70f0bd0b9d660a1ac54e538da7c9d68b65f879acaaaa355f5f91cb85aa370d339dae502544b3852532e65986b758025bd127440832b988712c86cedb82265af
- SSDEEP
  
  6144:UHFzKyizsjFNRfTV5HZ7dmuvvUf84t+ux9ScKLD62L:UHFmlzsjXL55ZmyvUf8bux9WD62L
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy