General
Target: 7b24e1100cf26836bdee9f4441a0d190-sample.zip
Size: 561KB
Sample: 230616-2krqvsgf71
MD5: 6e8cfef6e706ea8721dd6157692ee4aa
SHA1: f27100d4ae0cc7a709d59d46ffe9658346bc6c75
SHA256: cd25891454b9b01b1cea5404f647b1b4b24d4ca57b2ed751aa9f955dcf3808bd
SHA512: 2665bda58a4d50f64920087ac671817bda63d0fcac0abab70b60d0896799807f5dfdbf01ea4c67363134d99ab2389be2b4205ac5f3b09d8fc3c14126daaa797a
SSDEEP: 12288:+ecC1lpC6Vkz8kvqhyE+knAjDsnk2hs8s07gOEcNe3WulyTSzQ:+etRr+XWkEs07gOEQ1
Behavioral task: behavioral1
Sample: e059e0ce5cbd7a48c8d72d296fd96d56b2cd568c9f26598753393f19f1eb9352.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: e059e0ce5cbd7a48c8d72d296fd96d56b2cd568c9f26598753393f19f1eb9352.exe
Resource: win10v2004-20230221-en

Behavioral task: behavioral3
Sample: out.exe
Resource: win7-20230220-en

Behavioral task: behavioral4
Sample: out.exe
Resource: win10v2004-20230220-en
Malware Config
Targets

Target: e059e0ce5cbd7a48c8d72d296fd96d56b2cd568c9f26598753393f19f1eb9352
Size: 609KB
MD5: 873140fced1cb8fe65b98a98dfcb6c98
SHA1: 5703da2b3b86fcb716358b195f5a6f73e66ef821
SHA256: e059e0ce5cbd7a48c8d72d296fd96d56b2cd568c9f26598753393f19f1eb9352
SHA512: 7687b46785062c3edf19f471912e77925e277fdfc0875b66c00894b345dfeec120c8e4cefcd8af9bccfea044f8f6507ae4f15f02b7b0445e286160c6f1b44a8c
SSDEEP: 12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhR:SUiL3yjXUlu0I7vitqUmyq+1paR
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
Target: out.upx
Size: 1.3MB
MD5: c0f930e3cfca3d5716c93aa0968b35ce
SHA1: 116aefecfdbd5930701ce97fc3581e4cc9a0c983
SHA256: 0fc057dfab0e1fc2a5dcf659dd26dfb2e28405f3d35dbfc641b8947f23732013
SHA512: 24575c1df74d4c292da21b5118d889c4b6a9782cf3ad131b1c88867f2d207068fb77da5dd93615c477360b47905a234c0faae20d954c7522da351733d47de077
SSDEEP: 12288:8D0YxtHgcj3DKjs16MKYIjhy+AC5j6voNq:8QYxtHiEEYIjhyQj6voNq
Score: 3/10