General

  • Target

    e6e044e21f6e80eb863cf0e1522b6cc2.bin

  • Size

    3.4MB

  • Sample

    231224-d7f1wahce5

  • MD5

    e6e044e21f6e80eb863cf0e1522b6cc2

  • SHA1

    cf9931fca74d1c0bf48565cd8103d59ff1f05ff7

  • SHA256

    15ceb7d39330f53eb3c9e7e9e7446b0dcc093fe106bbcde3d0b7e89319a74e1e

  • SHA512

    a54aec540a3fde0fcc555da199a3e5c9107c97bf5ab83ec6df4aebefaa4ded7ef8bcd09e44cf947d85ea623ad4287daa04d118b9acff1d9b7690ab680643d377

  • SSDEEP

    98304:dpeORPjMSAlUFI31x0xsBk3z85aHHRjswh:dpfRPj7IBz7E

Score
7/10

Targets

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
