General
-
Target
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
-
Size
329KB
-
Sample
240425-qgqtlsbb44
-
MD5
c8cf269fcf175d316c6ae2fb694a9e62
-
SHA1
e5fe77d901aefdbe5c59408c047bfd6266f48d5d
-
SHA256
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
-
SHA512
f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95
-
SSDEEP
6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7
Static task
static1
Behavioral task
behavioral1
Sample
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral2
Sample
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a.exe
Resource
win7-20240221-en
Behavioral task
behavioral3
Sample
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
-
Size
329KB
-
MD5
c8cf269fcf175d316c6ae2fb694a9e62
-
SHA1
e5fe77d901aefdbe5c59408c047bfd6266f48d5d
-
SHA256
cf537ad654f1f5b08e6af8d7e2c1068fa90bc91dfa448d3fad066f2428f7221a
-
SHA512
f8c31b72ed05555680bfc4bcf27b579afe6daa60a37481e0f894a616f7ab92722017ab64c4d437c80edadd8d6f735ec47fa9f98a41bd83d17bfccdf985607d95
-
SSDEEP
6144:OiptXar/IK1Hp/eQUN/Y3ctEZotx3+FdkWaigxNeQpFpc0zCaQOQZzAmA40d3uOB:JHkIKdp/QwMKW3+FKHzxQGpc0zkOQZk7
-
Executes dropped EXE
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-