General
-
Target
bb2cbfe187efe5516dcdc42472079d25b2c7be462802df209aa6386269d5afc9
-
Size
224KB
-
Sample
221125-z21zraad2t
-
MD5
5f3e8e6891e96477d4d9cba602e86966
-
SHA1
043f7cd8a45497eb4058f2a9a7ac56b396674b21
-
SHA256
bb2cbfe187efe5516dcdc42472079d25b2c7be462802df209aa6386269d5afc9
-
SHA512
5469d4d4869d9767f931ca87d9a1b936c98251b234a77d2b1f57e037276398b54b7b36fe33ca23c4c4dd18440cfc8539e016feb9a70063d163916225bf0a4891
-
SSDEEP
6144:2Cha39c49QSKTG9491OcrRF2zV2qV4hGm4V:2EK9ccfeG94i08zVl4w5
Static task
static1
Behavioral task
behavioral1
Sample
bb2cbfe187efe5516dcdc42472079d25b2c7be462802df209aa6386269d5afc9.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
bb2cbfe187efe5516dcdc42472079d25b2c7be462802df209aa6386269d5afc9.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
bb2cbfe187efe5516dcdc42472079d25b2c7be462802df209aa6386269d5afc9
-
Score
9/10
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-