General

  • Target

    hr6z.exe

  • Size

    67.8MB

  • Sample

    240529-rrdsgaaa85

  • MD5

    384af14536b64e46682d54f6c2787fef

  • SHA1

    146c2353083c52a30a1253a92fc49857d6fd3dd0

  • SHA256

    eb13258d13bef30db109059f843d308e403e4a0470b51a1d12b6a3867d343493

  • SHA512

    baff244d507b9c5cbfb6e56df9569118c1dfc601c90956d896233a7f145ff8b5aa007f191fe4f345a8485f8cb09d9b58e15cfe6c08c99bbc8d33b4549280c328

  • SSDEEP

    1572864:BNVjnnXGMK4XR3bLSCU/+6yPlvWIS7E885Hpw85Hp3:NjngYRPSC++6y9+IS+VpRVp3

Score
7/10

Malware Config

Targets

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
