General

  • Target

    385f0a0ccaec6272c8270f0d5228f2641cca916e84825ebb35dbebb036fa2165

  • Size

    843KB

  • Sample

    221130-tkbqmshb5y

  • MD5

    7e77bb853d227e06b635e6eb3e0b31f0

  • SHA1

    638759be4cbb014f56f143d111535e900224e4cb

  • SHA256

    385f0a0ccaec6272c8270f0d5228f2641cca916e84825ebb35dbebb036fa2165

  • SHA512

    83a78c0c76f5b49ae7962fe99f9332c92d3b424c3aa9f658d4cf61af68aa42151bdfca3c0e452fdfc579794d2a9b86f1316e8c3f6c34c98c31d43bf1a922113e

  • SSDEEP

    24576:y7hRoFHVEIUHWeRCEKgTOvU5/AX1N6Qth4ct1n:i1Id2KrvU4mcbn

Score
10/10

Malware Config

Targets

    Score
    10/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control

    Connection Proxy (T1090): 1

Tasks