Resubmissions

  • 17-04-2024 12:03    240417-n8dl9aff6s    score 10
  • 17-04-2024 12:03    240417-n8dbgsff51    score 10
  • 17-04-2024 12:03    240417-n8cpysea94    score 10
  • 17-04-2024 12:03    240417-n8b4esea93    score 10
  • 17-04-2024 12:03    240417-n8bgwsff5x    score 10
  • 17-04-2024 06:10    240417-gxa9eshc4w    score 10

General

  • Target

    4d2a6dd3bc7959a48a65ae1a18957c0bdb301e2c16eff00cfc25a3eaec9950a9

  • Size

    855KB

  • Sample

    240417-n8dbgsff51

  • MD5

    109b3e74503b98cfaa238af70f28258a

  • SHA1

    d2454eb5e18fd9615ea3bc64f8d977a4e216da82

  • SHA256

    4d2a6dd3bc7959a48a65ae1a18957c0bdb301e2c16eff00cfc25a3eaec9950a9

  • SHA512

    147a78542bc4ef9e5e44e11b81534d2fd0b8d41ee5a57288c488a68a21c38a2515180283bb13a578a84905e2204e2186021b40ac747064c0a3437448a9341c7c

  • SSDEEP

    24576:STGca0BDet2MvbWG8Upb3L2ahLDFJIj1fuJbE4POJR:6BaPXPj5Jk/wc

Score
10/10
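Before reusing the findings of this report, an analyst should confirm that the file in hand is the file the sandbox actually ran. As an added example that is not part of the sandbox report, the Python below recomputes the four digests listed in the General section for a local file and checks them against the published values. The digest values are copied from the report; the function names, the partial-match rule and the script filename are the example's own.

```python
"""Verify a candidate sample against the hashes published in the report above."""
import hashlib

# Digests copied verbatim from the General section of the report.
REPORT_HASHES = {
    "md5": "109b3e74503b98cfaa238af70f28258a",
    "sha1": "d2454eb5e18fd9615ea3bc64f8d977a4e216da82",
    "sha256": "4d2a6dd3bc7959a48a65ae1a18957c0bdb301e2c16eff00cfc25a3eaec9950a9",
    "sha512": "147a78542bc4ef9e5e44e11b81534d2fd0b8d41ee5a57288c488a68a21c38a25"
              "15180283bb13a578a84905e2204e2186021b40ac747064c0a3437448a9341c7c",
}


def hash_bytes(data: bytes) -> dict:
    """Lowercase hex digests, one per algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four digests in one pass (samples can be large)."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare_hashes(observed: dict, expected: dict) -> dict:
    """Per-algorithm verdict. Comparison is case-insensitive because threat
    feeds and sandbox UIs disagree on the case of hex digests."""
    return {alg: observed.get(alg, "").lower() == expected[alg].lower()
            for alg in expected}


def verdict(observed: dict, expected: dict = REPORT_HASHES) -> str:
    """'match', 'no-match', or 'partial'. A partial result is impossible for a
    single file, so it means one side of the comparison was mistranscribed."""
    results = compare_hashes(observed, expected)
    if all(results.values()):
        return "match"
    if any(results.values()):
        return "partial"
    return "no-match"


if __name__ == "__main__":
    import sys
    observed = hash_file(sys.argv[1])
    print(verdict(observed))
    for alg, ok in compare_hashes(observed, REPORT_HASHES).items():
        print(f"  {alg:6} {'OK' if ok else 'MISMATCH'} {observed[alg]}")
```

Run it as `python verify_sample.py path/to/sample` (the script name is hypothetical). SSDEEP is deliberately left out: it needs a non-standard-library binding, and a fuzzy-hash match is a similarity signal for related builds, not an identity check for this sample.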

Malware Config

Targets

    • Target

      4d2a6dd3bc7959a48a65ae1a18957c0bdb301e2c16eff00cfc25a3eaec9950a9

    Score
    10/10
    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      The sample can proxy its network traffic through the Tor network, which hides the real destination of its communications from network monitoring.
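The last two signatures describe network behaviour that can be hunted for in host or perimeter telemetry. As an added example that is not part of the report, the Python below tags two things in simplified per-process connection records: requests to well-known public IP-echo services, and Tor use in its two common shapes, a dropped Tor client reached over the loopback SOCKS ports 9050/9150 and outbound connections to the relay default ports 9001 (ORPort) and 9030 (DirPort). The log format and the log lines are constructed for the example; the host names are real public services, but the report does not say which one this sample queried, and the IP addresses come from documentation ranges.

```python
"""Tag external-IP lookups and Tor use in simplified per-process connection logs."""
import re
from collections import defaultdict

# Well-known public "what is my IP" services; extend from your own telemetry.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "icanhazip.com", "checkip.amazonaws.com",
    "ifconfig.me", "ip-api.com", "wtfismyip.com", "myexternalip.com",
}
# Tor defaults. Bridges and pluggable transports (obfs4 on 443) are NOT caught.
TOR_LOCAL_SOCKS_PORTS = {9050, 9150}   # bundled client on loopback
TOR_RELAY_PORTS = {9001, 9030}         # ORPort / DirPort on public relays

# Constructed record format: "<ts> <pid> <image> <src>:<sport> -> <dst>:<dport> [host=<sni-or-dns>]"
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<pid>\d+) (?P<image>\S+) (?P<src>\S+):(?P<sport>\d+) -> "
    r"(?P<dst>\S+):(?P<dport>\d+)(?: host=(?P<host>\S+))?$"
)


def parse(line: str):
    """One connection record as a dict, or None for lines that do not match."""
    m = LOG_LINE.match(line.strip())
    if not m:
        return None
    conn = m.groupdict()
    conn["sport"] = int(conn["sport"])
    conn["dport"] = int(conn["dport"])
    return conn


def classify(conn: dict) -> set:
    """Behaviour tags a single connection triggers."""
    tags = set()
    host = (conn.get("host") or "").lower()
    if host in IP_LOOKUP_HOSTS or any(host.endswith("." + h) for h in IP_LOOKUP_HOSTS):
        tags.add("ip-lookup")
    loopback = conn["dst"].startswith("127.")
    if loopback and conn["dport"] in TOR_LOCAL_SOCKS_PORTS:
        tags.add("tor-local-socks")
    if not loopback and conn["dport"] in TOR_RELAY_PORTS:
        tags.add("tor-relay-port")
    return tags


def analyse(lines) -> dict:
    """Aggregate tags per process image, so the analyst sees which binary
    (for instance a dropped EXE) produced each behaviour."""
    report = defaultdict(set)
    for line in lines:
        conn = parse(line)
        if conn:
            report[conn["image"]] |= classify(conn)
    return dict(report)


# Constructed sample log: a dropped executable asks an IP-echo service for the
# public address, then talks to a co-dropped Tor client on loopback, which in
# turn reaches a relay. The explorer.exe line is benign background traffic.
SAMPLE_LOG = r"""
2024-04-17T12:03:11Z 4120 C:\Users\user\AppData\Roaming\update.exe 10.0.0.5:49712 -> 198.51.100.7:443 host=api.ipify.org
2024-04-17T12:03:12Z 4120 C:\Users\user\AppData\Roaming\update.exe 10.0.0.5:49715 -> 127.0.0.1:9050
2024-04-17T12:03:12Z 4132 C:\Users\user\AppData\Roaming\tor.exe 10.0.0.5:49716 -> 203.0.113.10:9001
2024-04-17T12:03:20Z 2204 C:\Windows\explorer.exe 10.0.0.5:49720 -> 198.51.100.20:443 host=www.msftconnecttest.com
""".strip().splitlines()

if __name__ == "__main__":
    for image, tags in analyse(SAMPLE_LOG).items():
        print(f"{image}: {sorted(tags) or 'no findings'}")
```

Neither tag is high confidence on its own: many legitimate programs query an IP-echo service, and port-based Tor detection misses bridge and pluggable-transport traffic on 443. The value comes from correlation, which is why the output is keyed by process image: an IP lookup and a loopback SOCKS session from the same recently dropped executable, as in the constructed log, lines up with the "Executes dropped EXE" and "Drops startup file" signatures above.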

MITRE ATT&CK Enterprise v15

Tasks