ed144068728251c56baf4b1d595fca114250e602d04ac1b3a3bded0f31c4fdc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

QTPNF-CFSDI2138_65059389QLTY.exe
Size

130.3MB
Sample

231124-lz9xzshe68
MD5

545d05b7452d2a92dc7df993c5697a7a
SHA1

8cfdb51a7afecc10180e77aea2520e8240c87dca
SHA256

ed144068728251c56baf4b1d595fca114250e602d04ac1b3a3bded0f31c4fdc4
SHA512

dc096b1e22934f1b76f41463059230827704a4180511b5ddaca8e980e3c228ce453cdaf12ade4696d23cac09f5ba8678416a52192d3a13844becbae5b92be199
SSDEEP

98304:veQ61To2T+zLlj0FQHXQUwDyU2Rr76lExwdJp90:X61Ml/ZgUbRom

Score

6^/10

Malware Config

Targets

- Target
  
  QTPNF-CFSDI2138_65059389QLTY.exe
- Size
  
  130.3MB
- MD5
  
  545d05b7452d2a92dc7df993c5697a7a
- SHA1
  
  8cfdb51a7afecc10180e77aea2520e8240c87dca
- SHA256
  
  ed144068728251c56baf4b1d595fca114250e602d04ac1b3a3bded0f31c4fdc4
- SHA512
  
  dc096b1e22934f1b76f41463059230827704a4180511b5ddaca8e980e3c228ce453cdaf12ade4696d23cac09f5ba8678416a52192d3a13844becbae5b92be199
- SSDEEP
  
  98304:veQ61To2T+zLlj0FQHXQUwDyU2Rr76lExwdJp90:X61Ml/ZgUbRom
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2