31d14b04023ab2d76844386bc1395c8c530a4627fd8403381284bb7834daefcb | Triage

Sharing

General

Target

CHECKER NETFLIX.exe
Size

501KB
Sample

240522-x6al9adf4x
MD5

c6b22d27af3fd2ff253ff0a34b3b755a
SHA1

4ec3d2cacac492dff6cb3ca90b3b91f2532c033c
SHA256

31d14b04023ab2d76844386bc1395c8c530a4627fd8403381284bb7834daefcb
SHA512

60e738fadcdd217c0e8ab6a88265405d161357de2e83702683927c75e277ca5bf83e707cb5b531fd3ef11de5763ce615afaaf38c48b9b9ae7c46386d5076f6cb
SSDEEP

12288:ciQDw/p32v5rqIc4VQj/9PKGpRwG/C2Fonfnex:NWCp34QIcFR/C6onfo

Score

6^/10

Malware Config

Targets

- Target
  
  CHECKER NETFLIX.exe
- Size
  
  501KB
- MD5
  
  c6b22d27af3fd2ff253ff0a34b3b755a
- SHA1
  
  4ec3d2cacac492dff6cb3ca90b3b91f2532c033c
- SHA256
  
  31d14b04023ab2d76844386bc1395c8c530a4627fd8403381284bb7834daefcb
- SHA512
  
  60e738fadcdd217c0e8ab6a88265405d161357de2e83702683927c75e277ca5bf83e707cb5b531fd3ef11de5763ce615afaaf38c48b9b9ae7c46386d5076f6cb
- SSDEEP
  
  12288:ciQDw/p32v5rqIc4VQj/9PKGpRwG/C2Fonfnex:NWCp34QIcFR/C6onfo
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2