837666ff9d09dbbeaee67986a24e7e8a183eabaaac05c674de7c8c71e565eb0a | Triage

Submit
Reports

Overview

overview

7

Static

static

3

payload.exe

windows7-x64

7

payload.exe

windows10-2004-x64

7

Sharing

General

Target

payload.exe
Size

5.5MB
Sample

230421-whg6rahb72
MD5

920c635b9d56b7fb88d0d7504f11af27
SHA1

f19d132cf37e3e1c786abd7fded1f294aa35c98e
SHA256

837666ff9d09dbbeaee67986a24e7e8a183eabaaac05c674de7c8c71e565eb0a
SHA512

c402f0304d4f6a83af7fa6cf479fd2edf8dc2d8ead127aa5a644bd53a865049e9b10ee4d0eda5544fa32900b99752523b9891ba74fc67499b46f86087013f150
SSDEEP

98304:RH8uiFtqb+sX1ZvbeeJZ/1IWlHNg2YYsI6CHMpV1Yq/EYbXoBeNrv+:RHIPqCsXDjpf/2WliXYrHW1LueNr2

Score

7^/10

pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

payload.exe

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

payload.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  payload.exe
- Size
  
  5.5MB
- MD5
  
  920c635b9d56b7fb88d0d7504f11af27
- SHA1
  
  f19d132cf37e3e1c786abd7fded1f294aa35c98e
- SHA256
  
  837666ff9d09dbbeaee67986a24e7e8a183eabaaac05c674de7c8c71e565eb0a
- SHA512
  
  c402f0304d4f6a83af7fa6cf479fd2edf8dc2d8ead127aa5a644bd53a865049e9b10ee4d0eda5544fa32900b99752523b9891ba74fc67499b46f86087013f150
- SSDEEP
  
  98304:RH8uiFtqb+sX1ZvbeeJZ/1IWlHNg2YYsI6CHMpV1Yq/EYbXoBeNrv+:RHIPqCsXDjpf/2WliXYrHW1LueNr2
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy