56317497d16dfd82345c12f18ed16ff8f674a48d67de017ef8d72c3525725a8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

archivo_cfd_documentYDBAKvdnfzaxsrkthqpq.zip
Size

2.4MB
Sample

230203-cqal4adc4t
MD5

955ab6e232eea85e4533671f060e30ec
SHA1

5aa8db93bf3021ac50895141f3602f440365390d
SHA256

56317497d16dfd82345c12f18ed16ff8f674a48d67de017ef8d72c3525725a8a
SHA512

ccab7a84e4b5e7bed8d80cd65e4ea3f01999bc29c312bda3594c1d45562fd9e75e93a60d962f2238daa9c55efb742f55b418fafa266d01e0567f9975793a5a21
SSDEEP

49152:PZZj30N0qE4PgLRCBSp7FaDex+yOFWM3VyEkUoYQyx7VbxD:PZ15qEkgvp9x+93+W7VFD

Score

6^/10

Malware Config

Targets

- Target
  
  archivocfd_documentGEFTLurbeamqnub.exe
- Size
  
  312.7MB
- MD5
  
  f0da1b5ba224c6f5c59e5f26e00ed6de
- SHA1
  
  94f64f99e98800c0236ac2b19862640e4bd6fb21
- SHA256
  
  56cbec527042104946f94e0f1349f1853ebac9ba668eba019fcaef570897126e
- SHA512
  
  5a031d710904d3d3cf1b29ffb6904ef1532d46ae39645780ce5e595b00f921563873d461ac3df78a0d9d44e02e2cacb0aa72698ddc909dc11a57eadab53594a9
- SSDEEP
  
  98304:r4WAmAZqdIEcWpZpWQpV2ePTOnBCVlJLu1zJu/w:r4aycZpBozw
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~32613.xml
- Size
  
  12KB
- MD5
  
  20993d0e3f4ce09f39cd119624f3541d
- SHA1
  
  e1ad60184a03f48217ab48742b1e2e141272d829
- SHA256
  
  be9f858306daf9c886fbe579db2f788a21a5531c7d0028b6d663fac43ffaeb0c
- SHA512
  
  1997c07f0cec3df29a849c1a950ffe80b9c3259d73a43b8a90cc99341fbdfb123f7d6825a5ed1020607261aa5ddd8c089ec3a2ba4bed8c4904fb8e95d445dd33
- SSDEEP
  
  192:PZWVghWcRIYiYF8r7S4maIYiYF8r7SvOjuFW:RW2hWoIYiE4maIYiE22W
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4