General
-
Target
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba
-
Size
616KB
-
Sample
221125-vqdymaca82
-
MD5
39f88bd5f2192b565c5a30d7c2227e24
-
SHA1
8166c63bc5260e6458dfc3c5453297310a0e8f0a
-
SHA256
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba
-
SHA512
2f84a70768cea20b6d2c94b92158ec3cf7e7dd90c823153c3b331826c9244a012c0df4f0563e94a79b5313a178864508c59698cd009c1fb20048900892172dfe
-
SSDEEP
12288:4KQSwV21oiQCuY7oCQ6EQ28HTLdaDTgJD2sy3EW:4Kt00c13AzYDT
Static task
static1
Behavioral task
behavioral1
Sample
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba
-
Size
616KB
-
MD5
39f88bd5f2192b565c5a30d7c2227e24
-
SHA1
8166c63bc5260e6458dfc3c5453297310a0e8f0a
-
SHA256
e2ab27c104c32fea4631de8cb40731288d6c866c134b727475dbe96c78d16bba
-
SHA512
2f84a70768cea20b6d2c94b92158ec3cf7e7dd90c823153c3b331826c9244a012c0df4f0563e94a79b5313a178864508c59698cd009c1fb20048900892172dfe
-
SSDEEP
12288:4KQSwV21oiQCuY7oCQ6EQ28HTLdaDTgJD2sy3EW:4Kt00c13AzYDT
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-