086a0cbef96b03088070741d4d72720884c653ffdb4b5f49ccdf8d08e9a2a0f0 | Triage

Sharing

General

Target

mysterious.exe
Size

4.0MB
Sample

231230-f83blsgfd2
MD5

ce6d7858f9c1d1a9bc4bf3ef2b5881fc
SHA1

c266e30662c7af60b64a8c547f82409037ea9b08
SHA256

086a0cbef96b03088070741d4d72720884c653ffdb4b5f49ccdf8d08e9a2a0f0
SHA512

438d25e2e9da62ff861214bbb09f277f5b30fecb275f74540bf407b2ebc60b4e88accdad22cf954d17b1d82d413fa94d1f704fad2fc6f29be89a3e3595a73d22
SSDEEP

98304:2mOXPSEgwSR/SVJg68dljjMG27DdRJmAHZftf7+diK:JUDxESYjljjM97BR5f

Score

6^/10

Malware Config

Targets

- Target
  
  mysterious.exe
- Size
  
  4.0MB
- MD5
  
  ce6d7858f9c1d1a9bc4bf3ef2b5881fc
- SHA1
  
  c266e30662c7af60b64a8c547f82409037ea9b08
- SHA256
  
  086a0cbef96b03088070741d4d72720884c653ffdb4b5f49ccdf8d08e9a2a0f0
- SHA512
  
  438d25e2e9da62ff861214bbb09f277f5b30fecb275f74540bf407b2ebc60b4e88accdad22cf954d17b1d82d413fa94d1f704fad2fc6f29be89a3e3595a73d22
- SSDEEP
  
  98304:2mOXPSEgwSR/SVJg68dljjMG27DdRJmAHZftf7+diK:JUDxESYjljjM97BR5f
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2