General
-
Target
sorilshiiiiiit.exe
-
Size
12KB
-
Sample
240525-s7f37she3s
-
MD5
b5386316f53e6b427ccb215d72614884
-
SHA1
e837b8abc9fe124b68929135fec3ccdcd7a6d0cc
-
SHA256
c68167ee797c035adc895add0214da989f883d85643608eb0d82abf76c37b887
-
SHA512
3d1ab2bbd444c91af0d316a30c9f72b19624f234f53f01a033ba91b6e432b47abecaa9184d8e87ca42920053548e493434fde71f971bbd988a284b985d7dff9b
-
SSDEEP
192:nlRc9l9EmPwa3qmA1VxzgzesZQKcYt4yvUNL3Q5tfMcQwwo:nla9bRPD3qm2ZO7DrvM3
Static task
static1
Behavioral task
behavioral1
Sample
sorilshiiiiiit.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
sorilshiiiiiit.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
sorilshiiiiiit.exe
Score
8/10
-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-