General
Target: a22382517b602b256a1243e54868870db35db9c391a991754d3a97737aa5a1cf
Size: 109KB
Sample: 221128-dvnvysfb7w
MD5: 364a4598b51f44332e67e001f1b0803f
SHA1: ff42dec2fdddb5d7714b0269afaac3aa5b26a0e3
SHA256: a22382517b602b256a1243e54868870db35db9c391a991754d3a97737aa5a1cf
SHA512: b601b809182b3a3fc636d3a0ea6daf11b42244b0ce2d0a486353d1aa5913a109daafc4592898e80faa1a5f8e4632b7a09a5e0cbb5e740b7d8a236354bf80c9af
SSDEEP: 3072:c6vgNUWoU9E2TQacJR4NoupGZQohR2bMX5U:c6vg2LU9E2TGXRQ4R3a
Static task: static1
Behavioral task: behavioral1
Sample: a22382517b602b256a1243e54868870db35db9c391a991754d3a97737aa5a1cf.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: a22382517b602b256a1243e54868870db35db9c391a991754d3a97737aa5a1cf.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: a22382517b602b256a1243e54868870db35db9c391a991754d3a97737aa5a1cf
Score: 8/10
Executes dropped EXE
Modifies Installed Components in the registry
Deletes itself
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.