General
-
Target
35063285fbb903f7349685e4263b25d0124fd087ba2a708202f7782de46d8252
-
Size
90KB
-
Sample
221126-kyqx2saf4t
-
MD5
db835bba2dafa1729db620b908f5e70f
-
SHA1
5cb5d095875e2d6e46eacc03c12bbc4189c138e2
-
SHA256
35063285fbb903f7349685e4263b25d0124fd087ba2a708202f7782de46d8252
-
SHA512
bcbd75978c152ddbbe72b201e5f68bbd9807690d5f9f839481e53852c36a65cbe804f9845762c363a78cc270eccb6bb5a1a1e7df2800cd205ed0df7dd7c8ca0b
-
SSDEEP
1536:DrhPDpRvH4RqIL8kh3eyT/uWEC7qthGEmOjq5Rj5f:DrBDpRvY+yqqE/j+R
Static task
static1
Behavioral task
behavioral1
Sample
35063285fbb903f7349685e4263b25d0124fd087ba2a708202f7782de46d8252.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
35063285fbb903f7349685e4263b25d0124fd087ba2a708202f7782de46d8252.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
35063285fbb903f7349685e4263b25d0124fd087ba2a708202f7782de46d8252
Score
8/10
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-