cc81be39adcb8ea105c75106084f7b6809014aede70b52fd7eb2f41d5c7c288c | Triage

Resubmissions

09/03/2023, 17:13

230309-vrr7msde76 6

Sharing

General

Target

Optimizer-14.9.exe
Size

2.1MB
Sample

230309-vrr7msde76
MD5

0acd5fdeb1332e99679f9c5403fd5dbe
SHA1

9941abbb97c285b8528830cae8762b251e16991a
SHA256

cc81be39adcb8ea105c75106084f7b6809014aede70b52fd7eb2f41d5c7c288c
SHA512

d8ad8f65c8b02fab99a72345940ef35b70e4e366700aab95e7b6e344aa7758fd890b307a2a034091ea469ec3b000604a5cfcb9b081a2192b492ff46111f692f3
SSDEEP

24576:Z46Va9ejh8vRY4n+ED8GJWzWw3BA/ZTvQD0XY0AJBSjRlXP36RMG:Z46Va9ejh8vR8ED8GYzWw3EAJBSjh

Score

6^/10

Malware Config

Targets

- Target
  
  Optimizer-14.9.exe
- Size
  
  2.1MB
- MD5
  
  0acd5fdeb1332e99679f9c5403fd5dbe
- SHA1
  
  9941abbb97c285b8528830cae8762b251e16991a
- SHA256
  
  cc81be39adcb8ea105c75106084f7b6809014aede70b52fd7eb2f41d5c7c288c
- SHA512
  
  d8ad8f65c8b02fab99a72345940ef35b70e4e366700aab95e7b6e344aa7758fd890b307a2a034091ea469ec3b000604a5cfcb9b081a2192b492ff46111f692f3
- SSDEEP
  
  24576:Z46Va9ejh8vRY4n+ED8GJWzWw3BA/ZTvQD0XY0AJBSjRlXP36RMG:Z46Va9ejh8vR8ED8GYzWw3EAJBSjh
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2