Resubmissions

13-09-2021 06:40

210913-he9jyadaf7 10

General

  • Target

    ac6c81185df544af2f0c7563451d654cfa879a0d4bd4cfefff49f157a976a27a

  • Size

    786KB

  • Sample

    240414-rz9vwacb7t

  • MD5

    a30305745d72e2361e1799914bd56526

  • SHA1

    89234b71a3e24511c221023c21df7a49134ee70c

  • SHA256

    ac6c81185df544af2f0c7563451d654cfa879a0d4bd4cfefff49f157a976a27a

  • SHA512

    be665052f70510ac875884e228dcea37bbf8dc3c86560c178d847651bb8e41a2e574adfa57187323f748715f7759cede80cdc1cc0ffe129814c30afef0d52c58

  • SSDEEP

    12288:vyxPJa2s86jofrWEuxjcZxyPq8tf8sQ+PRtj3lDsmMHj3N6eiaFmhL+JigW:vyxPJ/s86szWEuKiflOmMDhPEhL+lW

Score
10/10

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.
