Resubmissions

01-05-2024 18:06

240501-wp7pzscg9x 10

18-04-2024 14:15

240418-rkp7xsfd39 10

17-04-2024 14:48

240417-r6e9vacg64 8

General

  • Target

    forcedelctl.dll

  • Size

    956KB

  • Sample

    240418-rkp7xsfd39

  • MD5

    b28a478eb5b99efcdc7caf428bffb89a

  • SHA1

    d394c7b8fe15753bfbff79fb4f648f6f8bae70f9

  • SHA256

    3bca1dcaef4430272b9029c9a4bc8be0d45ecff66e8de8679ed30d8afab00f6f

  • SHA512

    decb2581f64949bfaaaf0368917f0705d7a4b7392ec272eda025cf06a4384ec4cdd5202081c2e085f00645029dd96bfef262e8628bed1861185adf6281c1cc88

  • SSDEEP

    24576:rs6ZRS5J3ifJvlxfcdaeti7w+0bf0XznPMvPD:Yni8dK9CEMXD

Score
10/10

Malware Config

Targets

    • Target

      forcedelctl.dll

    • Size

      956KB

    • MD5

      b28a478eb5b99efcdc7caf428bffb89a

    • SHA1

      d394c7b8fe15753bfbff79fb4f648f6f8bae70f9

    • SHA256

      3bca1dcaef4430272b9029c9a4bc8be0d45ecff66e8de8679ed30d8afab00f6f

    • SHA512

      decb2581f64949bfaaaf0368917f0705d7a4b7392ec272eda025cf06a4384ec4cdd5202081c2e085f00645029dd96bfef262e8628bed1861185adf6281c1cc88

    • SSDEEP

      24576:rs6ZRS5J3ifJvlxfcdaeti7w+0bf0XznPMvPD:Yni8dK9CEMXD

    Score
    10/10
    • Detects SSload

      Detects SSload.

    • Blocklisted process makes network request

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix

Tasks