General

  • Target

    h4xtools.exe

  • Size

    23.6MB

  • Sample

    240223-lx5v9afa47

  • MD5

    98646782c59bc4c6e6dc2528801cb4ab

  • SHA1

    1dcb009f3a985b315637721f5cfb729a97bd4117

  • SHA256

    706fc6c93230d713b002d42d3b523b30c0a7b77861f15cc3cde12d0d4eb96e0e

  • SHA512

    a289c6b4aefaa7b67403033f6f303ea312b8b1f216e22486b7e4edb71d2333b9dcfd2dd4b9f4adabcbb9293b9e9bb90ecbef8edc6e61f64f845f8600674552d2

  • SSDEEP

    393216:kV72c88Hg9nW+eGQRj6QtSX8IneRMPMTozGxu8C0ibfqyOUVXFjbIlRCxiSqDR8x:k5t88yW+e5RrtYXeRPoztZ0iNsRHSqDa
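
To confirm that a file on hand is the sample this report describes, compute every listed digest in one streaming pass instead of hashing a 23.6MB binary four times. The script below is an added example, not part of the report or of the sandbox; the `REPORT` values are copied from the General section above, and the chunk size, function names and the byte-string test input are assumptions of the example.

```python
"""Check a local file against the hashes listed in this report in a single
streaming pass. Example code added for illustration; the REPORT dict is
copied from the page, everything else is assumed."""
import hashlib
import io
import sys

# Hash values copied verbatim from the report's General section.
REPORT = {
    "md5": "98646782c59bc4c6e6dc2528801cb4ab",
    "sha1": "1dcb009f3a985b315637721f5cfb729a97bd4117",
    "sha256": "706fc6c93230d713b002d42d3b523b30c0a7b77861f15cc3cde12d0d4eb96e0e",
    "sha512": "a289c6b4aefaa7b67403033f6f303ea312b8b1f216e22486b7e4edb71d2333b9"
              "dcfd2dd4b9f4adabcbb9293b9e9bb90ecbef8edc6e61f64f845f8600674552d2",
}

CHUNK = 1 << 20  # 1 MiB reads; an assumed value, any size works


def digests_of_stream(fileobj):
    """Feed each chunk to all hashers so the file is read exactly once."""
    hashers = {name: hashlib.new(name) for name in REPORT}
    while True:
        chunk = fileobj.read(CHUNK)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digests_of_bytes(data: bytes):
    """Convenience wrapper for in-memory data (used for the self-test)."""
    return digests_of_stream(io.BytesIO(data))


def digests_of_path(path: str):
    with open(path, "rb") as f:
        return digests_of_stream(f)


def compare(digests, expected=REPORT):
    """Per-algorithm match table; case-insensitive so pasted uppercase hashes match."""
    return {name: digests[name].lower() == expected[name].lower() for name in expected}


def is_reported_sample(digests, expected=REPORT):
    """True only if every listed digest matches (a single mismatch means a different file)."""
    return all(compare(digests, expected).values())


if __name__ == "__main__":
    # usage: python check_sample.py <path-to-suspect-file>
    d = digests_of_path(sys.argv[1])
    for name, ok in compare(d).items():
        print(f"{name:6} {d[name]}  {'MATCH' if ok else 'differs'}")
    print("reported sample" if is_reported_sample(d) else "not the reported sample")
```

Note that `hashlib.new("md5")` raises on hosts running in FIPS mode; drop `md5` from `REPORT` there and rely on the SHA family. SSDEEP is not checked because it needs a fuzzy-hash library outside the standard library, and an exact SHA256 match already settles identity.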

Malware Config

Targets

    • Target

      h4xtools.exe

    Score
    8/10
    • Contacts a large number (556) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
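
The first two signatures above are simple correlations over process telemetry: a process that writes a file and then maps it as a DLL, and a process whose distinct-destination count crosses a threshold. The script below re-implements both over a constructed event stream so the logic can be seen end to end. It is an added example, not the sandbox's own detection code; the `pid|event|detail` line format, the 100-host threshold and the sample events (including the TEST-NET addresses) are all assumptions of the example.

```python
"""Re-implementation of two behavioural signatures from the report, run over
constructed telemetry. Example code added for illustration; it is not the
sandbox's detection logic, and the event format and threshold are assumed."""
from collections import defaultdict

HOST_THRESHOLD = 100  # assumed cut-off; the sandbox's real threshold is not published


def _build_sample() -> str:
    """Constructed telemetry (not from the report): pid|event|detail per line."""
    lines = [
        "4120|FileCreate|C:\\Users\\user\\AppData\\Local\\Temp\\helper.dll",
        "4120|ImageLoad|C:\\Windows\\System32\\kernel32.dll",      # system DLL, not dropped
        "4120|ImageLoad|c:\\users\\user\\appdata\\local\\temp\\HELPER.DLL",  # case differs
        "4120|NetConn|198.51.100.5:443",  # same host twice: counted once
        "4120|NetConn|198.51.100.5:443",
        "5000|ImageLoad|C:\\Windows\\System32\\ntdll.dll",          # benign control process
    ]
    # 200 distinct hosts in 203.0.113.0/24 (RFC 5737 TEST-NET-3) from pid 4120
    lines += [f"4120|NetConn|203.0.113.{i}:445" for i in range(1, 201)]
    return "\n".join(lines)


SAMPLE_EVENTS = _build_sample()


def parse_events(text):
    """Return a list of (pid, kind, detail) tuples in the order they were logged."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        pid, kind, detail = line.split("|", 2)
        events.append((int(pid), kind, detail))
    return events


def _norm_path(path: str) -> str:
    # Windows paths are case-insensitive; normalise before comparing
    return path.lower()


def dropped_dll_loads(events):
    """{pid: [paths]} for DLLs a process loaded after writing them itself.

    Event order matters: only a write that precedes the load counts, which is
    what distinguishes "loads dropped DLL" from loading a pre-existing file."""
    written = defaultdict(set)
    hits = defaultdict(list)
    for pid, kind, detail in events:
        if kind == "FileCreate":
            written[pid].add(_norm_path(detail))
        elif kind == "ImageLoad":
            path = _norm_path(detail)
            if path.endswith(".dll") and path in written[pid]:
                hits[pid].append(detail)
    return dict(hits)


def remote_hosts(events):
    """{pid: sorted distinct hosts}; the port is dropped so one host on many ports is one host."""
    hosts = defaultdict(set)
    for pid, kind, detail in events:
        if kind == "NetConn":
            hosts[pid].add(detail.rsplit(":", 1)[0])
    return {pid: sorted(h) for pid, h in hosts.items()}


def signatures(events, host_threshold=HOST_THRESHOLD):
    """Render the fired signatures in the wording the report uses."""
    sigs = []
    for pid, paths in dropped_dll_loads(events).items():
        sigs.append(f"pid {pid}: Loads dropped DLL ({len(paths)})")
    for pid, hosts in remote_hosts(events).items():
        if len(hosts) >= host_threshold:
            sigs.append(f"pid {pid}: Contacts a large ({len(hosts)}) number of remote hosts")
    return sigs


if __name__ == "__main__":
    for sig in signatures(parse_events(SAMPLE_EVENTS)):
        print(sig)
```

Two caveats when adapting this to real telemetry: `rsplit(":", 1)` assumes IPv4 or hostname destinations, so bracketed IPv6 literals need their own branch, and the dropped-DLL check only correlates within one process; a loader that writes the DLL from a helper process and loads it from another would need the correlation keyed on the file path across PIDs.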

MITRE ATT&CK Enterprise v15

Tasks