General
Target: Start.bat
Size: 17.7MB
Sample: 240315-nl4j6afb7x
MD5: 9741ad4603b9ecd4c5645b2fcf716ac8
SHA1: dfad3802eab1f45dc9477329b61dc057b8c1451a
SHA256: 83276bed1b6d8a900caf2f9c46616daf3d26ad9137020c89797967f74aa081da
SHA512: 3adf9a3a11abb7a4a442f1036802bbc59f37899283c394c787f1da61fc2949562209302f39f5d3cffd40e0d15761b7ecd323154c16725802700d88a0e6c470fa
SSDEEP: 393216:kqPnLFXlrwQpDOETgsvfG1gYz/vEgDITH+oJ:FPLFXNwQoEWjzE
Behavioral task: behavioral1
Sample: Start.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral2
Sample: main.pyc
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: Start.bat
Score: 7/10
- Loads dropped DLL
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Target: main.pyc
Size: 7KB
MD5: 8cb84df6a72a7489b30d2ca6a05fc219
SHA1: 4f91cca8dbe3488a04dc59b0c4f112e55327ca3e
SHA256: c958494dd20ab2d6dd284a4d120c9d65684e5fbd565b269156727b231fd380c1
SHA512: f84bd25180dfe4947ea1c23ea1422f20511a81e6dd09d30887ebf7526eb99ae07fa88ac20dd43f4e1feb48b0ad4c3fd44f92bf65681e00523395bd1948d13fb4
SSDEEP: 192:wxsAffMS/8D8XhWdXw4EXDHKOcJhwSflMdwwnw:ytf73Wu4EXeOw2SflPww
Score: 3/10