General
-
Target
7eb6b2a7023300666acd2778fcfb450a9fbe2572f4f5e80a665a3fb17a2c1620
-
Size
205KB
-
Sample
221128-gs27cabb57
-
MD5
a68fca7118b49b5cd23a4935961db414
-
SHA1
b012adfbb775b9bdcb97f0f6499cef78c1d164eb
-
SHA256
7eb6b2a7023300666acd2778fcfb450a9fbe2572f4f5e80a665a3fb17a2c1620
-
SHA512
a079dd81d95867b5850a2c2752f2bff095d07da9dd3210559f2ecfa0ff2efe60208691e19c5a3d2c0110240adde35264546367b668d196baf037604ea28b9f54
-
SSDEEP
6144:2tDhyn6LyqfdR5SeZo7N9PmRqV4Q+zSt+:2tDdfD5SIO9PmRGww+
Static task
static1
Behavioral task
behavioral1
Sample
7eb6b2a7023300666acd2778fcfb450a9fbe2572f4f5e80a665a3fb17a2c1620.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7eb6b2a7023300666acd2778fcfb450a9fbe2572f4f5e80a665a3fb17a2c1620.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
7eb6b2a7023300666acd2778fcfb450a9fbe2572f4f5e80a665a3fb17a2c1620
-
Score
9/10
-
Drops startup file
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-