General
-
Target
c4db759ef1dc9d4d8ca8e776fa7d2e4bdc91e7d8d91a2466121c7b72c45e1357
-
Size
201KB
-
Sample
221128-gf1sraac44
-
MD5
3d3ad4451fe3dbbf4b65019c45350ebe
-
SHA1
b9ce92343985301e9fb9c9bbba3d7882d4d8c206
-
SHA256
c4db759ef1dc9d4d8ca8e776fa7d2e4bdc91e7d8d91a2466121c7b72c45e1357
-
SHA512
c45a874c766ceb415106cc2d6a4f0325e62d1f5d34d4b6320a3d2ea4040c5a786fa6b83c674aa2242a7e119b8c114521009f7b8db40180f2b65baf2620780af1
-
SSDEEP
6144:K6RUQzD5g9q7hiQc6vxLX3vxq3w+XEUZAVIr9:KVQz1vNiQJ9X3v431EBVe
Static task
static1
Behavioral task
behavioral1
Sample
c4db759ef1dc9d4d8ca8e776fa7d2e4bdc91e7d8d91a2466121c7b72c45e1357.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c4db759ef1dc9d4d8ca8e776fa7d2e4bdc91e7d8d91a2466121c7b72c45e1357.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Target
c4db759ef1dc9d4d8ca8e776fa7d2e4bdc91e7d8d91a2466121c7b72c45e1357
-
Score
9/10
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-