e682b63bb01f73c7addab70a6fa2c81557d316f36327eef5c10ce0c86de3e5a6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

loader (1).exe
Size

11.4MB
Sample

230701-c8ry4afd69
MD5

12d54c2c5cb60ba8c1ab746af88612db
SHA1

7a1d59b54bbb7bcbacf19fd49adf0e9230b992c0
SHA256

e682b63bb01f73c7addab70a6fa2c81557d316f36327eef5c10ce0c86de3e5a6
SHA512

a35b7ad2dd137d727402f2c1f51893031f5cea337cb6eea508902706d3b84e669abc431eb660262961ff45f92f8c532b66f6e58256ebae31cf72ca14ae65bd8d
SSDEEP

196608:3WiK+XNOrzEubo3WpAWT2zGFy3JBms97ZEMqdXFYlleRHCTbQy+:3WhQ5uU3WCdzGFeGEhCFBP

Score

6^/10

Malware Config

Targets

- Target
  
  loader (1).exe
- Size
  
  11.4MB
- MD5
  
  12d54c2c5cb60ba8c1ab746af88612db
- SHA1
  
  7a1d59b54bbb7bcbacf19fd49adf0e9230b992c0
- SHA256
  
  e682b63bb01f73c7addab70a6fa2c81557d316f36327eef5c10ce0c86de3e5a6
- SHA512
  
  a35b7ad2dd137d727402f2c1f51893031f5cea337cb6eea508902706d3b84e669abc431eb660262961ff45f92f8c532b66f6e58256ebae31cf72ca14ae65bd8d
- SSDEEP
  
  196608:3WiK+XNOrzEubo3WpAWT2zGFy3JBms97ZEMqdXFYlleRHCTbQy+:3WhQ5uU3WCdzGFeGEhCFBP
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2