General

  • Target

    eicar_com.zip

  • Size

    184B

  • Sample

    231126-btd81sea64

  • MD5

    6ce6f415d8475545be5ba114f208b0ff

  • SHA1

    d27265074c9eac2e2122ed69294dbc4d7cce9141

  • SHA256

    2546dcffc5ad854d4ddc64fbf056871cd5a00f2471cb7a5bfd4ac23b6e9eedad

  • SHA512

    d9305862fe0bf552718d19db43075d88cffd768974627db60fa1a90a8d45563e035a6449663b8f66aac53791d77f37dbb5035159aa08e69fc473972022f80010

Score
8/10

Malware Config

Targets

    • Target

      eicar_com.zip

    • Modifies RDP port number used by Windows

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks