General
-
Target
f2ff6ad97b11067ba520d14ccd9c611ad742858775bec88a3d615aa7c5c6333e
-
Size
231KB
-
Sample
221124-lvp21shh7w
-
MD5
586d09812873d8edfd1d34342745b66e
-
SHA1
1cfaf85449642cf54473bd2edecaa60159906b59
-
SHA256
f2ff6ad97b11067ba520d14ccd9c611ad742858775bec88a3d615aa7c5c6333e
-
SHA512
a4542cc2e2cabfe0bf05b9626c4cee0500374c5a8e9ce36ebd908ebb7d8357f0d5259d2d3125e3b55ec48ed32fe13c0a9e8d67780e5abd9d6ac6cd52addcbc09
-
SSDEEP
6144:jRKO4/326Td4XGbTGxg/ux+x0jWAkMSLx:j4p/326TSKTGxg2Qx0drax
Static task
static1
Behavioral task
behavioral1
Sample
f2ff6ad97b11067ba520d14ccd9c611ad742858775bec88a3d615aa7c5c6333e.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f2ff6ad97b11067ba520d14ccd9c611ad742858775bec88a3d615aa7c5c6333e.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
f2ff6ad97b11067ba520d14ccd9c611ad742858775bec88a3d615aa7c5c6333e
Score
8/10
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-