General

  • Target

    updater.exe

  • Size

    62.4MB

  • Sample

    231224-nxltgsebc3

  • MD5

    ebd49b0395a81ee161326b10d1644ef1

  • SHA1

    d2d94e17ec683e863258ef6ea1903c827956c83f

  • SHA256

    4f29b4ccb7630e29056ffe4a29cd51314074dcae1a95171bc6a1d313bf56a6bd

  • SHA512

    19b79f63f0698cc9aa6aa30f42de31ac0f8979d0f43bead2016443885a93fa883cd568b1cbc7d379b3289579711a77fcb0fe29054fd96273e5431c583f84c13a

  • SSDEEP

    1572864:Km6aqeAMcLGXdHPMNMLpZyIdiBcQ60E8z:Z6aZAuNHPfLDjih60E8z

Score
7/10

Targets

    • Target

      updater.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
