General

  • Target

    bot.exe

  • Size

    16.7MB

  • Sample

    230715-244jrsch5w

  • MD5

    b5d4d79be2227701fffc91d9a3bba5a9

  • SHA1

    4c16ada430e8561d5a622359bb8870094d0674f0

  • SHA256

    c1fd5dbf7bfc397443c4ed495ce254be12614258b9d12efcd5a7d30189c8bd41

  • SHA512

    77bd56f2e93631a1bbaf73e1f8c87d8b2fd2e787957c36f2cc84067c6e6badac64a627b63b8f93dc02a17632618a77e7083290deeebf8ace0289480b782765e5

  • SSDEEP

    393216:idTU3m57nDle+QmBs7ZWyf7/SG9V9H0RBtMTDDd:idTU3ODle+KT7SG9VtGBtMTXd

Score
7/10

Malware Config

Targets

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks