General
-
Target
L_0SpooferXX.exe
-
Size
17.8MB
-
Sample
230205-ebphtabd6z
-
MD5
80ae1538ef6d102fe84a6218b239a0c9
-
SHA1
cda6dc7994c0ed71e7688ed8a5608c266543d636
-
SHA256
24a1e8f1024a2a6a5a6b648f98f0eb270dd90ae4854aa2954a6e38d5bf4adbba
-
SHA512
86149af84ef1ae31fcb72ded4bddd95541be1741284a1980259590ede2f111550e35e2aae29cdc49d82ef25cffad3fba25734a761785c1f2b1db060c3bb58cff
-
SSDEEP
393216:Mu7L/dWBb+4hQenSyY+k4tOJCEDd/m3pCZkVRiEFT7b5e5m:MCL0N+4XY4tuCEDdKCZkVRiS7c0
Behavioral task
behavioral1
Sample
L_0SpooferXX.exe
Resource
win7-20221111-en
Malware Config
Targets
-
-
Target
L_0SpooferXX.exe
-
Size
17.8MB
-
MD5
80ae1538ef6d102fe84a6218b239a0c9
-
SHA1
cda6dc7994c0ed71e7688ed8a5608c266543d636
-
SHA256
24a1e8f1024a2a6a5a6b648f98f0eb270dd90ae4854aa2954a6e38d5bf4adbba
-
SHA512
86149af84ef1ae31fcb72ded4bddd95541be1741284a1980259590ede2f111550e35e2aae29cdc49d82ef25cffad3fba25734a761785c1f2b1db060c3bb58cff
-
SSDEEP
393216:Mu7L/dWBb+4hQenSyY+k4tOJCEDd/m3pCZkVRiEFT7b5e5m:MCL0N+4XY4tuCEDdKCZkVRiS7c0
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-