General
-
Target
MultiBit.exe
-
Size
324KB
-
Sample
230321-r6fklsbe92
-
MD5
0f39821d5744907e68885862080c6234
-
SHA1
71e263f94a80d6cd1df1349c4a2202ef5f2518c3
-
SHA256
86f783a90ebc8f381e8c6484d412cce8e587d003856b522b271ca15691e9dd8b
-
SHA512
38299692594b995607987e1369d7c2c8913e8daec076b3779a61033093290e69fab1fb8cae0a83a80643a825f67b41a81eb17d21736054a656067ae8bcf93cbc
-
SSDEEP
3072:Ex+JMeg3Z0EeYesNKnXORQtmGWA68rdCbyzziT6hTnNPmxZjmsNKnXOZu:Ov4XORAmGc8rdCbkziksZ4XOZ
Static task
static1
Behavioral task
behavioral1
Sample
MultiBit.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
MultiBit.exe
-
Size
324KB
-
MD5
0f39821d5744907e68885862080c6234
-
SHA1
71e263f94a80d6cd1df1349c4a2202ef5f2518c3
-
SHA256
86f783a90ebc8f381e8c6484d412cce8e587d003856b522b271ca15691e9dd8b
-
SHA512
38299692594b995607987e1369d7c2c8913e8daec076b3779a61033093290e69fab1fb8cae0a83a80643a825f67b41a81eb17d21736054a656067ae8bcf93cbc
-
SSDEEP
3072:Ex+JMeg3Z0EeYesNKnXORQtmGWA68rdCbyzziT6hTnNPmxZjmsNKnXOZu:Ov4XORAmGc8rdCbkziksZ4XOZ
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-