6d4ba448b9bf723f3916cecd93c94a8e8d1dfb46cf2127926f2a1175a2d73401 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

468cd9079cc0704c84d1f174a0394494
Size

22.0MB
Sample

240106-sm889acdc8
MD5

468cd9079cc0704c84d1f174a0394494
SHA1

5a641fa5cfd993159193555929cb3f8595777823
SHA256

6d4ba448b9bf723f3916cecd93c94a8e8d1dfb46cf2127926f2a1175a2d73401
SHA512

87b57b2676943216bddf789c88658c701499a45ba8512328f3817e7be81d4d12a40b87c889f9e3a05f465798886d0ed3d35c58569e5ec8e8c79b7b470902d432
SSDEEP

196608:a5MK3Ox6KDaMnhd9e+q2WWmQNLBBGZlra8rjsoftRJtsUwHiTqVeE:nx6Zghd9vqZQxBBGGyjDMDHq+d

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  468cd9079cc0704c84d1f174a0394494
- Size
  
  22.0MB
- MD5
  
  468cd9079cc0704c84d1f174a0394494
- SHA1
  
  5a641fa5cfd993159193555929cb3f8595777823
- SHA256
  
  6d4ba448b9bf723f3916cecd93c94a8e8d1dfb46cf2127926f2a1175a2d73401
- SHA512
  
  87b57b2676943216bddf789c88658c701499a45ba8512328f3817e7be81d4d12a40b87c889f9e3a05f465798886d0ed3d35c58569e5ec8e8c79b7b470902d432
- SSDEEP
  
  196608:a5MK3Ox6KDaMnhd9e+q2WWmQNLBBGZlra8rjsoftRJtsUwHiTqVeE:nx6Zghd9vqZQxBBGGyjDMDHq+d
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2