General

  • Target

    wootechy-imovego_setup.exe

  • Size

    4.1MB

  • Sample

    230718-ymfjtsec4w

  • MD5

    f9c829bcafc838b8a26513cd3ea66c65

  • SHA1

    135e4474b8acbb72958700c0c7fc9150c4274ea2

  • SHA256

    0ea145513f8d96405413b90e5e73bc169a88d6fa258734057c3eaa0f38d80726

  • SHA512

    f781f908fe21f79e6642a68188aa151d571b5d8d61c38bee8a09ed61164f873b2793377c9829b59142c9304bf0ec22d3791392185f5bf91cfd27ca9ea4ad0f14

  • SSDEEP

    98304:QYUcd6mITrhfNG/dhfG16hfnz3IhfMTDhfSnLhfIV9:QYUcdmrhfSdhfq6hfnzIhfqDhf4Lhfm9

Score
8/10

Targets

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6