General
-
Target
coolgame.exe
-
Size
20.1MB
-
Sample
240522-mfpndabg64
-
MD5
11e12cba1bb7f37223514f9a2a009d14
-
SHA1
2d958950c86f2188cb4bfadc15203f625eee7aa2
-
SHA256
7aad5d5b3a2c4298cf3017da897b6b7879174f1c400e739c5a55f1a3d5405a73
-
SHA512
b8dbaf638ac29457696393e587063e721bce688b7431b42e9ee57b8eab76f85a7d7961413064d67e0c39f63b2c28179d95b196d0301853d7cf5b72ea9d70d2ef
-
SSDEEP
393216:v5iLW2vOB/OzthRhylz5qcTnBV16v/pPzef+tqHNEECT7HCKDkXySUA:xiLW2vOtOztxeXTBV16vhPzef+tqH6NG
Static task
static1
Behavioral task
behavioral1
Sample
coolgame.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
coolgame.exe
Resource
win11-20240426-en
Malware Config
Targets
Target
coolgame.exe
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-