Resubmissions

07-11-2024 16:23

241107-tv5fpswapp 10

11-02-2024 15:19

240211-sqg9yahb91 10

General

  • Target

    tik_tok_follow_paid.exe

  • Size

    17.7MB

  • Sample

    240211-sqg9yahb91

  • MD5

    7a5bcfab39b76b3a34c03271a9efa8f6

  • SHA1

    01a3b7e6a00f11e60a4c26a0ce0fccea8044b796

  • SHA256

    6f68d3de22c9c57b4e7c2954f463c4b8adebf2f82745797e08dfc666364218d4

  • SHA512

    fef85590bf30d0a42bf2691965a65d75ab78b7b1c3896310fe20e294b48640e6e3c0dbafe80ad9f1e48e87524240f42033020afde94f1464697716a7d4eb381f

  • SSDEEP

    393216:FqPnLFXlrSQ8DOETgsvfGFJgYyGvEjYG0H+q:8PLFXNSQhEq7ah0n

Malware Config

Targets

    • Target

      tik_tok_follow_paid.exe

    • Size

      17.7MB

    • MD5

      7a5bcfab39b76b3a34c03271a9efa8f6

    • SHA1

      01a3b7e6a00f11e60a4c26a0ce0fccea8044b796

    • SHA256

      6f68d3de22c9c57b4e7c2954f463c4b8adebf2f82745797e08dfc666364218d4

    • SHA512

      fef85590bf30d0a42bf2691965a65d75ab78b7b1c3896310fe20e294b48640e6e3c0dbafe80ad9f1e48e87524240f42033020afde94f1464697716a7d4eb381f

    • SSDEEP

      393216:FqPnLFXlrSQ8DOETgsvfGFJgYyGvEjYG0H+q:8PLFXNSQhEq7ah0n

    Score
    7/10
    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks