76742d28588282ee654f9ed404fc0fb3806411334f50bceda5883c6e53ff8873 | Triage

Sharing

General

Target

queensblade
Size

18KB
Sample

240522-ztq5ksgd8v
MD5

1508559f55363c737fdf2960f0ebf8e1
SHA1

727efd6f5492c6c1e769e547d432cf6a84cb7158
SHA256

76742d28588282ee654f9ed404fc0fb3806411334f50bceda5883c6e53ff8873
SHA512

fc20d5045dce36138fcf7bf2731c0d49ccf8963bf1a96ea026bde25d34c27c34fa4d7e34b61b2c3fcdd3c11e44dc532cb716032a053a39c476a618af226160c1
SSDEEP

192:3vicnXKa7L8qJjDo+G98DO57JXaY7JXaEhLHrJ+G+/Ci8/nrgbNdz3cSu/JVZg:6uXKa7LvfpdiLLRrwv/O/GGJVy

Score

6^/10

Malware Config

Targets

- Target
  
  queensblade
- Size
  
  18KB
- MD5
  
  1508559f55363c737fdf2960f0ebf8e1
- SHA1
  
  727efd6f5492c6c1e769e547d432cf6a84cb7158
- SHA256
  
  76742d28588282ee654f9ed404fc0fb3806411334f50bceda5883c6e53ff8873
- SHA512
  
  fc20d5045dce36138fcf7bf2731c0d49ccf8963bf1a96ea026bde25d34c27c34fa4d7e34b61b2c3fcdd3c11e44dc532cb716032a053a39c476a618af226160c1
- SSDEEP
  
  192:3vicnXKa7L8qJjDo+G98DO57JXaY7JXaEhLHrJ+G+/Ci8/nrgbNdz3cSu/JVZg:6uXKa7LvfpdiLLRrwv/O/GGJVy
Score

6^/10
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2