General
-
Target
a128a7ab31a41859c5a9e85868d4174f
-
Size
974KB
-
Sample
240224-g3pzrsbg58
-
MD5
a128a7ab31a41859c5a9e85868d4174f
-
SHA1
7d614c5f27d5bd60af17e023b68fb67f787c461d
-
SHA256
8bcf3984e139a272179407ef7f22e912d9e686d59db6dd92b36d1a546e73a34d
-
SHA512
202464ce77f88b6a8878dd63acf1ed92267179a9f1d75f747b20f12abae0acb7373d56d5f37b1c54613e662600b8c842b77fdc5a032431b2119a41f5554c774e
-
SSDEEP
24576:W9ai9wwr6RyuZ44G/MfR1FTNkdBAnlXG6+Z1mbXhmQW:xmr6RyuZNGUfRFkUlXF+Z1IXW
Behavioral task
behavioral1
Sample
a128a7ab31a41859c5a9e85868d4174f.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a128a7ab31a41859c5a9e85868d4174f.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
Score
9/10
-
Nirsoft
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-