General
-
Target
bdb1f5e7f3dbd67ee70cb66f20ac7f7902ce07989a9a22432f99fd8124da5c3e.zip
-
Size
36KB
-
Sample
230816-hlwlnaac3t
-
MD5
c8a8a058d6f0a48af39f8c38c6b258bf
-
SHA1
1ddc26a366afab5837c8e8d5614bbe57bcc052bc
-
SHA256
e11a5e2321ad2cc9f0b1acc73b07c4969966a00815a9e61141e4ce6428c13561
-
SHA512
00731d37fe0aabfaa7738307eb74762302475f1b4c721aa7e61958f323c426013a5e4c6394c9feec847efe7be72a9e07d533609e07915f1fe4d011c1269c46b2
-
SSDEEP
768:v6U4O+9cpYbEsL/WcvlfaRnFLWnxlGUeo8h8zSxkzbmNiQh1JIJXn:iUj+9cpqEsKcxaBFglGSDGNV1JsX
Behavioral task
behavioral1
Sample
bdb1f5e7f3dbd67ee70cb66f20ac7f7902ce07989a9a22432f99fd8124da5c3e.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
bdb1f5e7f3dbd67ee70cb66f20ac7f7902ce07989a9a22432f99fd8124da5c3e.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
phemedrone
http://f0839732.xsph.ru/gate.php
Targets
-
-
Target
bdb1f5e7f3dbd67ee70cb66f20ac7f7902ce07989a9a22432f99fd8124da5c3e
-
Size
80KB
-
MD5
8f7eb1227c12063aa1848e615a8a5e73
-
SHA1
b786233cd325cd1cc59d3bb1dfab6defe1c85309
-
SHA256
bdb1f5e7f3dbd67ee70cb66f20ac7f7902ce07989a9a22432f99fd8124da5c3e
-
SHA512
1a73f2b900e3d86484089afc818176ed1dea59996bd2ecff5014022802308077baec13f1ca571b9c8fa4732dfa1480b8f53fdc0986807fa7a0bb42b2436ad18e
-
SSDEEP
1536:Btg98VSWaaIQZB9+tiGbJeadDTJHjwtNGMl5n5p2gnBQqJSwEKhw:BtgKVzIXiGbJeadDTZjwtNVlJ54gnBQD
Score10/10-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-