General
-
Target
HIGH DAMAGE.exe
-
Size
13.8MB
-
Sample
230204-w3ew5ahd6x
-
MD5
ac57f71e120e2d8f28972914dccdbe11
-
SHA1
fd4b154b11ab09f9c89deaddcd3383f2c472edc0
-
SHA256
1a3bd1e33de6d8ff3d9441d49f463f63afb02c6940513ed390440e89006c6813
-
SHA512
3c4c819e1a0990034e9cc8c177dcdb470956277da7681fe515c99bcaac55e8af4dffbe92c56647c91d15e76bafabd84810818d7601a5779116ea908d93c9ce59
-
SSDEEP
196608:bSXZAlqpb7KX/x1HhyehNJm3AqdKDnO8NpkSgsAGKaR2ehmytu9mEyDk3e3yRpT:IZAlqYXJBb/m3pgDOEkSgsvpuQrkuAp
Malware Config
Targets
-
-
Target
HIGH DAMAGE.exe
-
Size
13.8MB
-
MD5
ac57f71e120e2d8f28972914dccdbe11
-
SHA1
fd4b154b11ab09f9c89deaddcd3383f2c472edc0
-
SHA256
1a3bd1e33de6d8ff3d9441d49f463f63afb02c6940513ed390440e89006c6813
-
SHA512
3c4c819e1a0990034e9cc8c177dcdb470956277da7681fe515c99bcaac55e8af4dffbe92c56647c91d15e76bafabd84810818d7601a5779116ea908d93c9ce59
-
SSDEEP
196608:bSXZAlqpb7KX/x1HhyehNJm3AqdKDnO8NpkSgsAGKaR2ehmytu9mEyDk3e3yRpT:IZAlqYXJBb/m3pgDOEkSgsvpuQrkuAp
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-