Resubmissions

  • 18-04-2024 05:17  240418-fyv5jscb63  10
  • 18-04-2024 05:17  240418-fytlqadd81  10
  • 18-04-2024 05:17  240418-fyspescb62  10
  • 18-04-2024 05:17  240418-fysdnacb58  10
  • 18-04-2024 05:17  240418-fyr3wsdd8y  10

General

  • Target: 82b13cf8f768b3830b50622eba4da3593a8a724ffcefd55793ee87a4f0ea57ca
  • Size: 434KB
  • Sample: 240414-q457tabh6s
  • MD5: 4b8ea3f7be543e21300e56992b08d6ab
  • SHA1: dcfbb5dd3087ec2edc6c3a779916b1b2585d42eb
  • SHA256: 82b13cf8f768b3830b50622eba4da3593a8a724ffcefd55793ee87a4f0ea57ca
  • SHA512: ddfd79e32c248cc0419ab37f368247e8bae1d9ff83f86665b24e523a97bc584a3a5c3c26b97c78944439279001e76a1e97efebb52750362e62b9deea4b78bfb2
  • SSDEEP: 12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK9SATTsx/SA/WegYfdNbrqnu4:rXh6XcBXo8TsL8Y8m/ATTySA/DrfdNbu

Score: 10/10

Malware Config

Targets

    • Target: 82b13cf8f768b3830b50622eba4da3593a8a724ffcefd55793ee87a4f0ea57ca
    • Size: 434KB
    • MD5: 4b8ea3f7be543e21300e56992b08d6ab
    • SHA1: dcfbb5dd3087ec2edc6c3a779916b1b2585d42eb
    • SHA256: 82b13cf8f768b3830b50622eba4da3593a8a724ffcefd55793ee87a4f0ea57ca
    • SHA512: ddfd79e32c248cc0419ab37f368247e8bae1d9ff83f86665b24e523a97bc584a3a5c3c26b97c78944439279001e76a1e97efebb52750362e62b9deea4b78bfb2
    • SSDEEP: 12288:rXPcLcbGfVylwG/ZDCK/ScBXo8TsyMkKMY8m7WOK9SATTsx/SA/WegYfdNbrqnu4:rXh6XcBXo8TsL8Y8m/ATTySA/DrfdNbu

    Score: 10/10

    Signatures
    • Executes dropped EXE
    • Loads dropped DLL
    • Looks up external IP address via web service
      Uses a legitimate IP lookup service to find the infected system's external IP.
    • Uses Tor communications
      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks