141a0b6086569cdb42b2c6016fa20bdb507ee3f5b6e42dba9f53a07dfea4bd7d | Triage

Submit
Reports

Overview

overview

6

Static

static

3

mgtOHJHXlrKDIio.exe

windows7-x64

6

mgtOHJHXlrKDIio.exe

windows10-2004-x64

6

Sharing

General

Target

TT 103.zip
Size

396KB
Sample

231006-c5tzaaah38
MD5

49f92cdb1a0eae12db6b37af5f348a59
SHA1

0d038760dd26249ade30d167fe6052e593fff2bf
SHA256

141a0b6086569cdb42b2c6016fa20bdb507ee3f5b6e42dba9f53a07dfea4bd7d
SHA512

babc7d147e5984e94c39795bd6a8be220e133a592bd377bbaf92ae50057bdb5204d5f7ed8b84f8137f396f0c4850f4b1842ee547ad7d61019bc70c5d1a4ecbd9
SSDEEP

6144:JT8c/b+KsSYss0Rf36mo/nOkNUCzRdLZFDvCevEoDmtKbhBUTs:yy+Ktimo/OkeORdN1vfMwsKbd

Score

6^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

mgtOHJHXlrKDIio.exe

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

mgtOHJHXlrKDIio.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  mgtOHJHXlrKDIio.exe
- Size
  
  525KB
- MD5
  
  35b6b59c21fd86b4db84f8b88bd92053
- SHA1
  
  c5001899f1b2d0d1b5bc548c625cee5a825663b7
- SHA256
  
  2909eec674cd7e9bc38e581262b2054af96d5177cf2208334eb79d6622eb1f56
- SHA512
  
  0462b06610db862e3123aa9bf0276c66c72e95f2b9646f01fd7e35bd7a9cc29fcf6f78804a900f504d258442b7eedf4e3cfdbe118e111221c767e1196b711e90
- SSDEEP
  
  6144:DYSaNW4uMVVrz+01Rn36mo/BOkfUCzRdLZdDv0yvEoDwtKbh7UwFhpgdf:faNF9VVrKGqmo/oksORdN9vvMw6Kbid
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy