General
-
Target
PlasmaExecutor v2.6.21.exe
-
Size
21.1MB
-
Sample
240420-kcqedsce66
-
MD5
171cb9273d896a3048bcd0d641e6b9a2
-
SHA1
f3c80f7b85d15506af212718a80e31120cb96301
-
SHA256
43ac45be20b80f3e285dd75e733e239eb269c0f30936d4c6be1ca526371a7dcb
-
SHA512
8954da5bf25ec09674e0297eea403b07bf48adf9028561306a502da51b38f0fe9d56ce4f4216f4b710684a60ef4f38d3631730c7274508c4c5c217d720baf08b
-
SSDEEP
393216:IEkQ5S5AWfqWgP8AxYD/1+TtIiF5Y9Z8D8Ccl6l3SjadC02VaHKflkQgKZ:IeaAWfJbXr1QtIQa8DZcIlijadfqaFKZ
Behavioral task
behavioral1
Sample
PlasmaExecutor v2.6.21.exe
Resource
win7-20240215-en
Malware Config
Targets
-
-
Target
PlasmaExecutor v2.6.21.exe
-
Drops startup file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-