General
-
Target
4404c09ad18da9aba1945dfb2975e210ff96ab3698e5c075bd6c8ec57cf854cd.exe
-
Size
15.2MB
-
Sample
240419-qtrxfaef3s
-
MD5
f9faae7acc66819bafd5523f719d5c11
-
SHA1
c424f400216b27f0fdd919b39fb01920c6e2cfe3
-
SHA256
4404c09ad18da9aba1945dfb2975e210ff96ab3698e5c075bd6c8ec57cf854cd
-
SHA512
04269937201c49b42218cae588685507834e9bc6b52b90e95d7f59ffa7183ad1e8d3730bf0075880c71d60ab89e7de32aad692092fba3eebaf727d2525f5cc2b
-
SSDEEP
393216:CV+M4eN00nY07eFsZETDfDgOREc64qDW8Y3+d9T4Q:CVCeCLsZETb0OZcW8YOd9Tp
Behavioral task
behavioral1
Sample
4404c09ad18da9aba1945dfb2975e210ff96ab3698e5c075bd6c8ec57cf854cd.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4404c09ad18da9aba1945dfb2975e210ff96ab3698e5c075bd6c8ec57cf854cd.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
-
-
Target
4404c09ad18da9aba1945dfb2975e210ff96ab3698e5c075bd6c8ec57cf854cd.exe
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-