General
-
Target
n8zZxpL.exe
-
Size
8.3MB
-
Sample
240528-b29pwsaa7z
-
MD5
8a03f3cd5136dad910a9c7c50c911822
-
SHA1
c61816536af80b882e9d2a7a6a0a3c99457124d8
-
SHA256
720818fdb9cae600223d72474859f367b66a5a3cdfa6dc1d80ad53c8e6200e62
-
SHA512
121a62b5ba8dcab071f74abe98c2f87c9af67e6e2224c6d76bebf31b141700b215964a6157efd99f461f109b25bb02ffa574e9a01b502074eadd9e6163d428c5
-
SSDEEP
196608:Ls0jLqBA1HeT39IigQdeE9TFa0Z8DOjCdyl5okknz8Qdd5x9K:l6q1+TtIiLUY9Z8D8Ccl+loWx9K
Behavioral task
behavioral1
Sample
n8zZxpL.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
n8zZxpL.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
n8zZxpL.exe
-
Size
8.3MB
-
MD5
8a03f3cd5136dad910a9c7c50c911822
-
SHA1
c61816536af80b882e9d2a7a6a0a3c99457124d8
-
SHA256
720818fdb9cae600223d72474859f367b66a5a3cdfa6dc1d80ad53c8e6200e62
-
SHA512
121a62b5ba8dcab071f74abe98c2f87c9af67e6e2224c6d76bebf31b141700b215964a6157efd99f461f109b25bb02ffa574e9a01b502074eadd9e6163d428c5
-
SSDEEP
196608:Ls0jLqBA1HeT39IigQdeE9TFa0Z8DOjCdyl5okknz8Qdd5x9K:l6q1+TtIiLUY9Z8D8Ccl+loWx9K
Score7/10-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-