General
-
Target
_RUNECE.vmp.exe
-
Size
71.0MB
-
Sample
231201-p2mf9ahh8x
-
MD5
4f82be843498084c59ebfdc9d3556d66
-
SHA1
1dff2674a86c42e574083b712372d147982f8305
-
SHA256
a614d740ca78216237022406c3b8df12dfe982d75d8973299d1ffa3a63974546
-
SHA512
377797d21da768b148eeab03eeaabe809ede00fa9bf89b85362318bab8fc5ab98cfced4a6aef11e4f8edfb4382c9b0397c6a25a79d4d7630203bdd4d68184247
-
SSDEEP
1572864:l2MerQqjqSk8IpG7V+VPhqCnE7R6u9jZS9uWdErnUEpiqY9PNdv:lZerdGSkB05awCmz91k2rn8pDdv
Behavioral task
behavioral1
Sample
_RUNECE.vmp.exe
Resource
win7-20231023-en
Malware Config
Targets
-
Target
_RUNECE.vmp.exe
-
Enumerates VirtualBox DLL files
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-