General
- Target: Snipers Haven beta.zip
- Size: 19.8MB
- Sample: 240424-t81dxadd36
- MD5: 7849a064176cae6dc10464a778aeafb2
- SHA1: 13e0d72c6edf18a59a270d3d228e07a1066beef3
- SHA256: d8e72722b281af01a37a3135ae20def4007247e931e42fd3a5762e8adc63b16f
- SHA512: 0e4258220bc87e9be0cfaec0a8f53d28f4215374f3126e6fefca7516601167acfe232cccd88bd724c74715b6776f70713f6603379498d5ed6bb8417b950778f5
- SSDEEP: 393216:llTNYUoSj9c7gtA1pZ8fdgVSRY5ZwMw+zEUYBjyZXFoe:nTyU5jAgtngVSu5ZwMwm1ZV/
Behavioral task: behavioral1
- Sample: Snipers Haven/Snipers-Haven.exe
- Resource: win7-20240221-en
Malware Config
Targets
- Target: Snipers Haven/Snipers-Haven.exe
- Size: 30.0MB
- MD5: b9caa1e6fbb8c1f59e8be87f03307fe5
- SHA1: 431d5f9fd5e7e3c8525ba81acd0b084ca3777396
- SHA256: 97a57bcbefee653ef61d26f6497f808ec49f9366199d2c88a33e72fa760c0e13
- SHA512: 9f5b43f495ed3042de159959381abff95fb3552072e1d87981002f2e102081544c92440cd537469a9385d9d1a6ae12eae1082e7559fe558e6fc45b3108400b6d
- SSDEEP: 393216:3v9zcQqGjrc6h2Jp5MPL+9qzT6LIcCJ+766oHdETv1:/9gQBj46hZ+9qH6LIcC2yGT
- Drops startup file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.