General
Target: Client-built.bat
Size: 1.1MB
Sample: 230609-v8my9acg58
MD5: 45c24bc2e3362f234af60a836d158c2d
SHA1: 023bd718cd1921e741e26accc0bb0681cdd51eb1
SHA256: 33e476a25bde41c42083d57716e678a70d4f8d5576f5d26067d0d5c5afc13e40
SHA512: 8c8ed0fde95a1e8d56731b46a1f66bb47de8c6273a73d503168ce7d5f0d82aa77136b86fc48cf5a3c8183428ce23826840fc8861813eebbfef60400c98d52eaf
SSDEEP: 6144:VisaSp+quMXMCWPbsjcB7O56B67XvgUhb7pH:VixBMdoYj+O56if7pH
Static task: static1
Behavioral task: behavioral1
Sample: Client-built.bat
Resource: win7-20230220-en
Malware Config
Targets
Target: Client-built.bat
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.