1ff1b4335e9cccb75b4ad7548c64224c0fbfee44b0234931cc5b4119cfc7096d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6bbe316f87110b73a4ccad24ef894505
Size

5.6MB
Sample

231226-nvt23seehm
MD5

6bbe316f87110b73a4ccad24ef894505
SHA1

9f785f9ede136ee7ffe38ec96e229543ea5ee6c8
SHA256

1ff1b4335e9cccb75b4ad7548c64224c0fbfee44b0234931cc5b4119cfc7096d
SHA512

52d266fc6da3ebb27aca3f14bfe5c846f8236c063fb205c32cf0978fecfb27011d08b7dd0df289029fbd2cadee4c8a48a5d6c948bd602969befd788215a2c2d8
SSDEEP

49152:Ysvop0jP9Yxz+S71RFWUt4COl57GBH6lQoRhuWndZaFcICTyRAT0TaQ4wPOuzU+6:Ysvq0j+RuUt4COlDSoRbapYyRewVIII

Score

6^/10

Malware Config

Targets

- Target
  
  6bbe316f87110b73a4ccad24ef894505
- Size
  
  5.6MB
- MD5
  
  6bbe316f87110b73a4ccad24ef894505
- SHA1
  
  9f785f9ede136ee7ffe38ec96e229543ea5ee6c8
- SHA256
  
  1ff1b4335e9cccb75b4ad7548c64224c0fbfee44b0234931cc5b4119cfc7096d
- SHA512
  
  52d266fc6da3ebb27aca3f14bfe5c846f8236c063fb205c32cf0978fecfb27011d08b7dd0df289029fbd2cadee4c8a48a5d6c948bd602969befd788215a2c2d8
- SSDEEP
  
  49152:Ysvop0jP9Yxz+S71RFWUt4COl57GBH6lQoRhuWndZaFcICTyRAT0TaQ4wPOuzU+6:Ysvq0j+RuUt4COlDSoRbapYyRewVIII
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2