General
Target: hwi_772.exe
Size: 14.1MB
Sample: 240212-y7v51sbf3s
MD5: 49b034f0fe1f7782c12ea37e5c13a438
SHA1: fd625810d832ae2d8233d2c1cbbbad96998a69e9
SHA256: 67f904372c8a7f5de3f4bb33778288c944fc79315d10a4b4d96f3b8503c11d8b
SHA512: 7326e12a9407d8a06909911db6e72e078900cb99fb09a22831706d440ae3e470b3e2020a5a6b302c92bd175c92021ead3a828ea8e60b8b9bfe7f74627c152624
SSDEEP: 196608:wrn8HEiLLRq/UEgAP1aqoWmyeJZjH8Ig5Xl1ZgDFSU3dqVYfsJ9Y7c0YkS7umBQp:wrn8tPsdiIA85LgRqWf/40Yl6YfJVep
Static task: static1
Behavioral task: behavioral1
Sample: hwi_772.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: hwi_772.exe
Resource: win10v2004-20231222-en
Malware Config
Targets
Target: hwi_772.exe
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.