General
-
Target
5c1ebae5f7444b800fc335d39d5c9bf35a17960b347ee5eb3a00b52a7f56cd55
-
Size
256KB
-
Sample
221125-beek8sec61
-
MD5
acb05e95d713b1772fb96a5e607d539f
-
SHA1
0017b03a38d00cf43fa36e40dd9f65da499c09f7
-
SHA256
5c1ebae5f7444b800fc335d39d5c9bf35a17960b347ee5eb3a00b52a7f56cd55
-
SHA512
d17a55ae1095a8e81d027aff27609d02f751f9fd5d7b5f19e2fe2c454ee5b53307595be630c673efe91e88fe6617aec883c1ff3146d8b564029121491b1e1aa4
-
SSDEEP
6144:mEfGkQqJ2KjIwEY52Y+n2e8couZ5nsvnnk6ReLEYHF2F8:mE1QQ2KkwbUn2e5sP6P2O
Static task
static1
Behavioral task
behavioral1
Sample
5c1ebae5f7444b800fc335d39d5c9bf35a17960b347ee5eb3a00b52a7f56cd55.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
5c1ebae5f7444b800fc335d39d5c9bf35a17960b347ee5eb3a00b52a7f56cd55.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
5c1ebae5f7444b800fc335d39d5c9bf35a17960b347ee5eb3a00b52a7f56cd55
-
Score
9/10
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-