General
-
Target
source_prepared.exe
-
Size
75.4MB
-
Sample
230923-mjmcesgc44
-
MD5
aec9e84cc74318b918004f64eee5856a
-
SHA1
31bf0bb240e0abac14790e8b04b74cabee523812
-
SHA256
8e1afb371f897a37dcd3e72ab0d1a7caaef5e932caf8598de9877dc60697f8e3
-
SHA512
a686ffcec6fa45dc68f86e1741145e17302ff3abd0538ac6dcc3707c65cbdcea0c81f01ae8618a2130c26fdc3f59732408146ac9f4be2edfd1752c874284a14e
-
SSDEEP
1572864:M2M1RQvHrELVhE7lFnNC3xWHSqLJknMw8CAvRDoGirAH8+1osuTCSxOB6xMj7LHz:MZDUE6nN5yqLJkn1yDzS6xjKcBaYnHeS
Behavioral task
behavioral1
Sample
source_prepared.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
source_prepared.exe
-
Score
9/10
-
Enumerates VirtualBox DLL files
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-