Resubmissions

03-02-2024 14:42

240203-r28etsbgh3 6

03-02-2024 14:38

240203-rz33bsbgd2 6

General

  • Target

    ggpermV3.exe

  • Size

    62KB

  • Sample

    240203-r28etsbgh3

  • MD5

    eac37455baace3357722d2bc5cf40be9

  • SHA1

    bfbb2b0f876a0784e5a0d78b7981b27254c0a766

  • SHA256

    e333b29fa06d2138c9a4c634fde1fe4212bd2a027c0175008001c8af60d34053

  • SHA512

    78065623e0bafa450e49c91b700da3a31536033d005a6d20126cc886bc1075788a4e5d5f7b689b47c4eea01f58f797e696f06038dd967b6143d07204048ad067

  • SSDEEP

    1536:eh4f8xsBb7KAMFYieXfRc/onjx6FXs+ceAP5w:bBbnRJfROqwFcZbP5w

Score
6/10

Targets

    • Target

      ggpermV3.exe

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
