c9ea9ed335f7afea164856882124c982d47e6a8fe5b7f0122ae12de3b4908355 | Triage

Sharing

General

Target

39241032e4e7ef71e65efc1fb86b2793
Size

5.4MB
Sample

231225-yh59padddq
MD5

39241032e4e7ef71e65efc1fb86b2793
SHA1

9c971d4a0c6d374581932f4a67d38fa705b64885
SHA256

c9ea9ed335f7afea164856882124c982d47e6a8fe5b7f0122ae12de3b4908355
SHA512

8c0459cd5b77220ccbc7e98a2b9b4ab024f8685218ea71bf705898b94f506eae26a51c89ebb92726b2200274af7eaab7b0e5d1598f47194fd1d925a5ed5b9cc3
SSDEEP

98304:mXA7qNdItFMvkGTWHSQrXMLKidifyo+oGYWJkonX1Z+SeQMWxAMhAZ82S41HDbcD:mXA7qNdItFMvkGTWHSQrXMLKidifyo+d

Score

6^/10

Malware Config

Targets

- Target
  
  39241032e4e7ef71e65efc1fb86b2793
- Size
  
  5.4MB
- MD5
  
  39241032e4e7ef71e65efc1fb86b2793
- SHA1
  
  9c971d4a0c6d374581932f4a67d38fa705b64885
- SHA256
  
  c9ea9ed335f7afea164856882124c982d47e6a8fe5b7f0122ae12de3b4908355
- SHA512
  
  8c0459cd5b77220ccbc7e98a2b9b4ab024f8685218ea71bf705898b94f506eae26a51c89ebb92726b2200274af7eaab7b0e5d1598f47194fd1d925a5ed5b9cc3
- SSDEEP
  
  98304:mXA7qNdItFMvkGTWHSQrXMLKidifyo+oGYWJkonX1Z+SeQMWxAMhAZ82S41HDbcD:mXA7qNdItFMvkGTWHSQrXMLKidifyo+d
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2