e3970a39ff671fc12d74931900876ba7e2478cf4631c7b80805e276e647119f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e3970a39ff671fc12d74931900876ba7e2478cf4631c7b80805e276e647119f2
Size

29KB
Sample

221125-1cyzjagc67
MD5

ae865597cd213d0ce34dcdd48dc9e4ec
SHA1

246bf498db39085374689025bd1c43e8146f929c
SHA256

e3970a39ff671fc12d74931900876ba7e2478cf4631c7b80805e276e647119f2
SHA512

fa466d41ab25c34c3349a566727db991f6ba3af8feaf364df319e7270b14c98eb66c8a96f4878b8bce706ec2fb919b3dead1ed4ec2f80633f8d1bb0fccb7da40
SSDEEP

192:TdOwUoAVBSOmNaMio0HMQoV37nK37nK37nvo0HVQoY7nId/Kp8BYlIbSHI8RnT+l:rUo2mDdE8MlRp0GSSmxj

Score

8^/10

Malware Config

Targets

- Target
  
  e3970a39ff671fc12d74931900876ba7e2478cf4631c7b80805e276e647119f2
- Size
  
  29KB
- MD5
  
  ae865597cd213d0ce34dcdd48dc9e4ec
- SHA1
  
  246bf498db39085374689025bd1c43e8146f929c
- SHA256
  
  e3970a39ff671fc12d74931900876ba7e2478cf4631c7b80805e276e647119f2
- SHA512
  
  fa466d41ab25c34c3349a566727db991f6ba3af8feaf364df319e7270b14c98eb66c8a96f4878b8bce706ec2fb919b3dead1ed4ec2f80633f8d1bb0fccb7da40
- SSDEEP
  
  192:TdOwUoAVBSOmNaMio0HMQoV37nK37nK37nvo0HVQoY7nId/Kp8BYlIbSHI8RnT+l:rUo2mDdE8MlRp0GSSmxj
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2