Resubmissions

07-05-2024 12:34

240507-pr1k5aae36 10

07-05-2024 12:34

240507-prx51aae34 10

07-05-2024 12:34

240507-prvpwaae33 10

07-05-2024 12:34

240507-prt4caae32 10

07-05-2024 12:34

240507-prs62sae28 10

25-04-2024 13:14

240425-qgqtlsbb44 10

General

  • Target

    cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a

  • Size

    329KB

  • Sample

    240425-qgqtlsbb44

  • MD5

    c8cf269fcf175d316c6ae2fb694a9e62

  • SHA1

    e5fe77d901aefdbe5c59408c047bfd6266f48d5d

  • SHA256

    cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a

  • SHA512

    f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95

  • SSDEEP

    6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7

Score
10/10

Malware Config

Targets

    • Target

      cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a

    • Size

      329KB

    • MD5

      c8cf269fcf175d316c6ae2fb694a9e62

    • SHA1

      e5fe77d901aefdbe5c59408c047bfd6266f48d5d

    • SHA256

      cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a

    • SHA512

      f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95

    • SSDEEP

      6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks