General

  • Target

    f51b489073e0a0e9fff1a9d8f0e09185

  • Size

    5.4MB

  • Sample

    231228-yzd7jadcb4

  • MD5

    f51b489073e0a0e9fff1a9d8f0e09185

  • SHA1

    c8a2cf999334870c51ead8e366ce51ee916b6e3f

  • SHA256

    e4c2460165de097c187d1a646cfc513d32a9130a0e3fe40a359f82b54987bb23

  • SHA512

    c724d3245868a6a6a90ad0f169ba39857f192809ac0e0b7919ebd53ca7669080703571fd235e129130ddc157286534905dcb6ca7e951e7d8ce3347184eb89484

  • SSDEEP

    98304:7aK90IOLFoFMy2Wt6E8jtpOEv9NdHkyLhiCyIgFfffHyBUMUbv5wOJERH:X9POJa2WD69Nay8Mg1ffS2/K4ER

Malware Config

Targets

    • Target

      f51b489073e0a0e9fff1a9d8f0e09185

    • Size

      5.4MB

    • Growtopia

      Growtopia is an open-source modular stealer written in C#.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks