Resubmissions

22-09-2021 14:13

210922-rjttqachf8 10

General

  • Target

    6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

  • Size

    434KB

  • Sample

    240414-q38asabh5t

  • MD5

    556c756b428b0a6f1516de031c3bfdb3

  • SHA1

    d4a8195611ac93a268b0ebdc14319a75de856725

  • SHA256

    6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

  • SHA512

    0e6ffc8dd5dda62a3936a5ea311a9e7007f27ead2f86f9f3f17510a78d2181b16473c69b3b5aa465f68042adef0d95fa8403f9d5bb106dbb4896750caef60a26

  • SSDEEP

    12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK9SATTsx/SA/WegYfdNbrqnuh:rXh6XcBXo8TsL8Y8m/ATTySA/DrfdNb7

Score
10/10

Malware Config

Targets

    • Target

      6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

    • Size

      434KB

    • MD5

      556c756b428b0a6f1516de031c3bfdb3

    • SHA1

      d4a8195611ac93a268b0ebdc14319a75de856725

    • SHA256

      6b64ec1c1ec9e8eb486f721c283d377a2e52f177e9f947d0d217ce84685ed239

    • SHA512

      0e6ffc8dd5dda62a3936a5ea311a9e7007f27ead2f86f9f3f17510a78d2181b16473c69b3b5aa465f68042adef0d95fa8403f9d5bb106dbb4896750caef60a26

    • SSDEEP

      12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK9SATTsx/SA/WegYfdNbrqnuh:rXh6XcBXo8TsL8Y8m/ATTySA/DrfdNb7

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks