5d0ee5f845eaa035d53514e4435c33deec179230ee95cad356f5f4a824c08108 | Triage

Resubmissions

19-02-2024 20:09

240219-yxk73acc2v 6

19-02-2024 20:09

240219-yw5v3scb9t 3

Sharing

General

Target

Quarantine.exe
Size

158KB
Sample

240219-yxk73acc2v
MD5

d72dfb79a9fa73dd4c514c61ea459e0a
SHA1

e6e1d03bf41eca58812bf206e7a1c225ea742dad
SHA256

5d0ee5f845eaa035d53514e4435c33deec179230ee95cad356f5f4a824c08108
SHA512

a5d7bdb91434a2be030e9c2141c72f83acd5442f18166effd1e554a0435e67a58a2101fd07b6e75d3bc3aec45e387aa8b3cec84bcefbe182c746780198b9e731
SSDEEP

3072:JB/umH8RI2mBPX42UeGwiiiiih6666J66666eB2yUii9iiFPckuony:JlZ2qiiiiih6666J66666ekyUii9iiED

Score

6^/10

Malware Config

Targets

- Target
  
  Quarantine.exe
- Size
  
  158KB
- MD5
  
  d72dfb79a9fa73dd4c514c61ea459e0a
- SHA1
  
  e6e1d03bf41eca58812bf206e7a1c225ea742dad
- SHA256
  
  5d0ee5f845eaa035d53514e4435c33deec179230ee95cad356f5f4a824c08108
- SHA512
  
  a5d7bdb91434a2be030e9c2141c72f83acd5442f18166effd1e554a0435e67a58a2101fd07b6e75d3bc3aec45e387aa8b3cec84bcefbe182c746780198b9e731
- SSDEEP
  
  3072:JB/umH8RI2mBPX42UeGwiiiiih6666J66666eB2yUii9iiFPckuony:JlZ2qiiiiih6666J66666ekyUii9iiED
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1