General

  • Target: main.exe
  • Size: 64.3MB
  • Sample: 230312-qd4w3adh86
  • MD5: a763d56ad2a8c931c8e70c7bfec7103f
  • SHA1: 97f0227f68bfa90e71b5e5feb0f04b5f48a749b5
  • SHA256: 6a4e55f0e8e49f3527a0c1195313887896e0d44b2291c1c0c9bc6b5420e37b72
  • SHA512: 1e1a43e99cdcc3a0f3b6e21b68644bb0c917ccf41725c2c155d8509847c15f9dffa47c67e720033dbfc1362fd34a1394b32b65470415a224016bc0fb4d155015
  • SSDEEP: 1572864:47nH46uMDhrRRsat9aAaW5yV5OHzDCd5cEm9cuhKmWRM:4LH46uMDhrPKAaCnCdfuhv

Malware Config

Targets

    Score: 7/10

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks