Resubmissions

22-09-2021 14:37

210922-ry949adad8 (Score 10/10)

General

  • Target

    45b8f4130d70db6e59cc17cae406798f5e40f97f460caf032d59b2a1715ec33c

  • Size

    1.2MB

  • Sample

    240414-r5hzcacc4s

  • MD5

    9d06f72aeb10616c07e774187dfdce95

  • SHA1

    9c71200fd05f22fa12971c0ad4232d4fc169430d

  • SHA256

    45b8f4130d70db6e59cc17cae406798f5e40f97f460caf032d59b2a1715ec33c

  • SHA512

    e1bf5a51c59420355c1bae2c241d52e007a60fddb5847647e49c71b65abd1210d87a5cdb23ea62e7e2863bd86bb99ae89cd66767c906e8322634dc33ec454843

  • SSDEEP

    12288:u+rq0yKJ7KZeBA4DVzlzEyn2QFqTjCAjkTnV/QH7OTzId2nfpN3fXb:FW0yreAkpzP/QCAjkTmbOwYRZL

Score
10/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks