Overview

overview

7

Static

static

3

SonarLoader.exe

windows10-2004-x64

7

Resubmissions

15-04-2023 16:25

230415-txfv5aeg65 7

15-04-2023 16:25

230415-tw22zaeg63 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SonarLoader.exe

  • Size

    26.5MB

  • Sample

    230415-txfv5aeg65

  • MD5

    91ab29323fe1b72fe3a8c603f35a37aa

  • SHA1

    d8f28a1fe8f3f2a6019cf5cebe50cdc8dc972300

  • SHA256

    cf50c0cd03603126fcfc65a1c7f72ef63c9b562272621002074eb72d73149199

  • SHA512

    403dbbb8be251964a19eeee9f79d5680bdada8f2a365fa80f11a2012e500e480577e01765350073a43216127be9bff18b9f80bbbbcb7227fc29a7d8f5dc40d98

  • SSDEEP

    393216:MxAlnfLF5Vzeeul2QZFqyYgsSVXGnjmasQb9Di:RljF5MP2Qm9djmTQNi

Score
7/10
pyinstallerupx

Malware Config

Targets

    • Target

      SonarLoader.exe

    • Size

      26.5MB

    • MD5

      91ab29323fe1b72fe3a8c603f35a37aa

    • SHA1

      d8f28a1fe8f3f2a6019cf5cebe50cdc8dc972300

    • SHA256

      cf50c0cd03603126fcfc65a1c7f72ef63c9b562272621002074eb72d73149199

    • SHA512

      403dbbb8be251964a19eeee9f79d5680bdada8f2a365fa80f11a2012e500e480577e01765350073a43216127be9bff18b9f80bbbbcb7227fc29a7d8f5dc40d98

    • SSDEEP

      393216:MxAlnfLF5Vzeeul2QZFqyYgsSVXGnjmasQb9Di:RljF5MP2Qm9djmTQNi

    Score
    7/10
    upx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops Chrome extension

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks