General

  • Target

    LOIC.zip

  • Size

    3.1MB

  • Sample

    240315-2x23csfa55

  • MD5

    8492591eeacdea7ca911a5d6efe6fe9b

  • SHA1

    5592d1d67514bcabb5f3d2d8d49637a0fa99dbc6

  • SHA256

    1ff26b054336175beab72997a752fb08ff7ebbb09377d4f682976530120d28dd

  • SHA512

    9656995e4187bc5a19ecfe839185be79199dd14393a87adc174fb1311f128d21dee0861159f6ec54ef6d82b0f7cf6622e943ab4c6ec2a675e448d65a376d8fc4

  • SSDEEP

    49152:QFdPsPeBnuWeJtjJ0U4/Xvezp1F2SyIx00s120MjnF1OPyRzG52CExNypWvIk5:oGeB1ef0XvezjF2SyisE0iFA35dO

Score
8/10

Targets

    • Target

      IRC.dll

    • Size

      79KB

    • MD5

      f21ae5e05942e1bf0a8d790a8ac1db79

    • SHA1

      fc3a681ed4262f8d6da491b001cd8eca0d49333b

    • SHA256

      4161b837e483d66f51628721b767c87da74b0919db350e26b8e29cc2ff6632e1

    • SHA512

      6c7f7d5f563688c41ce68b0ed6849833d6ca2342ce08c255686ca3770403194595d2cdf54effdef04e16d405e48c3e3fb49552f8cd03aaafb12363b4d3a8c2c6

    • SSDEEP

      1536:jfFpA9WiXDejive1YclFqGtKGECA6yyPSSgWWVJUH6pXd5Pot:7FpA9WiXDYive1lTbKD6yyP/WVJat

    Score
    1/10

    • Target

      LOIC.exe

    • Size

      6.1MB

    • MD5

      c54c3a6c2fdf9f9a458f3d552e355848

    • SHA1

      f53c3142902821377c4cfc6a9b32771bfeefe82d

    • SHA256

      ddb156846d1097880cc9ce51240b2b99b34925d420d28eac86f834aa0c92d49d

    • SHA512

      1655de2e409b1d98484bb5010b6a8f5c3f53717e0a5458d074e978386859aed8b8de0983047056a8c243156a3d78c17349d66fdb20fa14ba1a532a0d8af0caae

    • SSDEEP

      98304:31aHm6zKsIOaEABObLI+7dCcYRAzSVdWFOjdSWYj1c6XDm1tc:FgHvL/o0l4dw5cWqe

    Score
    8/10

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
