General
Target: IpGrabber.exe
Size: 10.0MB
Sample: 240510-n1ybpacg4v
MD5: c418a64be8d4453beaae0b401a1e3f29
SHA1: 30664a6caf525d323d9af465e1c843961f17f210
SHA256: 33e8ba234199ca3f20610a059f996bc6adb53d62c42a2fb73654dae909abbb2f
SHA512: 0a996b04f9b9d5f951878b97c2a574c762ec98ab5374ae3ade3316763921fc138d4ff5e79cbfa812d1fd41450fddd90d8eaea73e416fd40db20fc256ce158167
SSDEEP: 196608:MWosu7axzed71ibP5ddQmRrdA6lbuErSEEJwdFt1L3SGYP1ZosPf:VnxzKcPjdQOlb+9JIiGE5
Malware Config
Targets
-
-
Target
IpGrabber.exe
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.