General
-
Target
autohitter.exe
-
Size
8.3MB
-
Sample
240516-xb62zaae84
-
MD5
51e99c16a2b8319b768ac17180ae553f
-
SHA1
b9eb2b96ba82d7ed4c792a841b9a7dc7a89ac1e0
-
SHA256
2144c91ea07c4402aff18ed9083f699787443058005aae02b659ee3241f6ae25
-
SHA512
0f8e822fdb6c3d31142471c105494eb00c27eff700be2a915381f1125b9057cdb32c72aa61b22bb8df79dea2bdca934d82d6dd105eb880ea52723ca03e4471f2
-
SSDEEP
98304:TOf9TXulL1cAkiQLqezZVacsbxlAlN+I6y7X6n010h/kpfKc4u0wJZTvaXx0:TmFwcdJzZyU3+Ix6S0WewJZTSXx
Static task
static1
Behavioral task
behavioral1
Sample
autohitter.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
autohitter.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
autohitter.exe
Score
7/10
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-