General
-
Target
0f6f452ee406b3360e39819aac42a200.exe
-
Size
108KB
-
Sample
221211-kaqblsgf92
-
MD5
0f6f452ee406b3360e39819aac42a200
-
SHA1
e62b9163c2eddbc8bdf262faf11ac1f5f1e25683
-
SHA256
76bd9bebdadfeda8974424b76d669a8f22b4a1178b1a9caae0d2c5a60c9db5e9
-
SHA512
7a0ed3fc2195b52df334d127b73a454fb65dbfa991cf9d543eacadc80b9874a7fb7894dde66c265c03c7b6a794890c9d66acd08525d843dfec93d693ff96897c
-
SSDEEP
1536:tJBChC4Ri7LWJgg2vTC/29r2VoRvz7tM1kPYqwtFUNn0WJWsa9tNUQukOVRcqAZc:td7LrNTC/21RrtwqaFFF9tNUXfVRK
Static task
static1
Behavioral task
behavioral1
Sample
0f6f452ee406b3360e39819aac42a200.exe
Resource
win7-20220901-en
Malware Config
Extracted
systembc
asdasd08.com:4039
asdasd08.xyz:4039
Targets
Target
0f6f452ee406b3360e39819aac42a200.exe
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-