General
Target
$R3NK09Y.exe
Size
16.4MB
Sample
240521-tgeccsbb63
MD5
c9cde10ef15429feeb2177a12b8ecd9b
SHA1
a77ab463eef7ff052fef80452d66bba49ee1ef1c
SHA256
e7e356483dbdb34e2b69f22cd6e10d6b31bcd43c24f5724010e683656e16933d
SHA512
d9c99be64909b61f15a2af370d58d1e5f727dec58aa6c694efce842d1575e0877d22cab93619572899a6be2aada5578c820896d98dff1c5ec67c7ce8f436a17e
SSDEEP
196608:FgL9HLAlndpb7KX/Rdarz60/460ii8kB6yTNJm3AqM+KCKW4nZQobtxoYByzKX93:cxAlndYX5UrzR8BRT/m3pqCgzNNxu87
Behavioral task
behavioral1
Sample
$R3NK09Y.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
$R3NK09Y.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
$R3NK09Y.exe
Score
7/10
Loads dropped DLL
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.