0c32e7701ef8ab1bce10eb629e2369e9b1e787e6637aa423f4ca146b8e902701 | Triage

Sharing

General

Target

sample
Size

156KB
Sample

231128-gfdm8afe46
MD5

7a2ddb0776b2c29af02caf8bd7866ee1
SHA1

86cb48540ad2c687d019c05f9263bd9253b28e3a
SHA256

0c32e7701ef8ab1bce10eb629e2369e9b1e787e6637aa423f4ca146b8e902701
SHA512

d758002691840e86ee80846c42c1c0da8606d23d6c1c47a6c0d90dcd9f1a1c782875ec28b01b3df50412c5bc4e949282900ce71a91765aea954cc8e5311ad6df
SSDEEP

3072:MV2bbtgw4izh1p5NWB3S1+6PyMDssg0iaG4owmaTj:MYt4izhj23Sx

Score

6^/10

Malware Config

Targets

- Target
  
  sample
- Size
  
  156KB
- MD5
  
  7a2ddb0776b2c29af02caf8bd7866ee1
- SHA1
  
  86cb48540ad2c687d019c05f9263bd9253b28e3a
- SHA256
  
  0c32e7701ef8ab1bce10eb629e2369e9b1e787e6637aa423f4ca146b8e902701
- SHA512
  
  d758002691840e86ee80846c42c1c0da8606d23d6c1c47a6c0d90dcd9f1a1c782875ec28b01b3df50412c5bc4e949282900ce71a91765aea954cc8e5311ad6df
- SSDEEP
  
  3072:MV2bbtgw4izh1p5NWB3S1+6PyMDssg0iaG4owmaTj:MYt4izhj23Sx
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2