Overview

overview

8

Static

static

3

esquele.exe

windows7-x64

1

esquele.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    esquele.exe

  • Size

    71.3MB

  • Sample

    230626-j4x3wahh8y

  • MD5

    e2e2a7d59b7e515b83872936ba5ebe1c

  • SHA1

    202a0e2246dc90cf2de92a0bdd026824346f4903

  • SHA256

    004b52b1904df7dc30925d75399bb644036c2cb42b575d80e8d265beab5b7b3e

  • SHA512

    7c67ae1ae7f35482fe9daeb370f2d1737d4cca5c6b3fe1553226713ce0fd2b1c6e77d422e0546519c976c5d5c21e5025672f249497fd6b92c775d330f3714a3f

  • SSDEEP

    393216:Lqr6n+O6dcCeYfTKAWXpSLT6WQkOfNFxbYBFrPpwlCEKQrolL3djP/qqAxgvBwVc:LqE+7OCeC2AWmw6LNagCk20Yd0

Score
8/10

Malware Config

Targets

    • Target

      esquele.exe

    • Size

      71.3MB

    • MD5

      e2e2a7d59b7e515b83872936ba5ebe1c

    • SHA1

      202a0e2246dc90cf2de92a0bdd026824346f4903

    • SHA256

      004b52b1904df7dc30925d75399bb644036c2cb42b575d80e8d265beab5b7b3e

    • SHA512

      7c67ae1ae7f35482fe9daeb370f2d1737d4cca5c6b3fe1553226713ce0fd2b1c6e77d422e0546519c976c5d5c21e5025672f249497fd6b92c775d330f3714a3f

    • SSDEEP

      393216:Lqr6n+O6dcCeYfTKAWXpSLT6WQkOfNFxbYBFrPpwlCEKQrolL3djP/qqAxgvBwVc:LqE+7OCeC2AWmw6LNagCk20Yd0

    Score
    8/10

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks