General

  • Target

    $R3NK09Y.exe

  • Size

    16.4MB

  • Sample

    240521-tgeccsbb63

  • MD5

    c9cde10ef15429feeb2177a12b8ecd9b

  • SHA1

    a77ab463eef7ff052fef80452d66bba49ee1ef1c

  • SHA256

    e7e356483dbdb34e2b69f22cd6e10d6b31bcd43c24f5724010e683656e16933d

  • SHA512

    d9c99be64909b61f15a2af370d58d1e5f727dec58aa6c694efce842d1575e0877d22cab93619572899a6be2aada5578c820896d98dff1c5ec67c7ce8f436a17e

  • SSDEEP

    196608:FgL9HLAlndpb7KX/Rdarz60/460ii8kB6yTNJm3AqM+KCKW4nZQobtxoYByzKX93:cxAlndYX5UrzR8BRT/m3pqCgzNNxu87

Score
7/10

Targets

    • Target

      $R3NK09Y.exe

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
