General

  • Target

    f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f

  • Size

    26.8MB

  • Sample

    240101-sg3jhschep

  • MD5

    b600b348eb3a8d08bc8821a6078551b9

  • SHA1

    2d8471f3f4c25b01dab7e51b5a36c2d9f377097a

  • SHA256

    f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f

  • SHA512

    06fb408924c587e02f3154786e1fd4952428e35bffa8770184d77331b6b668d95119095a6c557c6cf0e3aa1423f8892b94de5986053eadfef3e034bcb4d9a6da

  • SSDEEP

    393216:viDna3FQtsTLHr7M5li8k3mePcGfd0NYMP26Ywg6lCOdrn:vi21QtsPL7M5lDa55F0NYYWYn

Score
7/10

Targets

    • Target

      f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f

    Score
    7/10
    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      electron.pyc

    • Size

      49KB

    • MD5

      bb740a4f65e028e5d1690322ab1818ff

    • SHA1

      637c1ccdda0bf70e6abc210cb752d9320c9dd8cb

    • SHA256

      2ac114d284e3385b560ba6219ce7ee3d383f8476143cdc2acd5c53e842184296

    • SHA512

      5a7304dbd3b6f4964855329387c94d3e26ced7d1311f36844cd5e1ee0f07d51d28e0757ce2c38593d37c772e7610a63a8b9009ab07c8226ed34feddcfe529620

    • SSDEEP

      1536:t9MWmRrCiwIgg7YVFZLSCuj0yp/AqDlhLxaUSgeC:cEiRz2FZLSCsJ5qUaC

    Score
    3/10
