General
-
Target
hr6z.exe
-
Size
67.8MB
-
Sample
240529-rrdsgaaa85
-
MD5
384af14536b64e46682d54f6c2787fef
-
SHA1
146c2353083c52a30a1253a92fc49857d6fd3dd0
-
SHA256
eb13258d13bef30db109059f843d308e403e4a0470b51a1d12b6a3867d343493
-
SHA512
baff244d507b9c5cbfb6e56df9569118c1dfc601c90956d896233a7f145ff8b5aa007f191fe4f345a8485f8cb09d9b58e15cfe6c08c99bbc8d33b4549280c328
-
SSDEEP
1572864:BNVjnnXGMK4XR3bLSCU/+6yPlvWIS7E885Hpw85Hp3:NjngYRPSC++6y9+IS+VpRVp3
Behavioral task
behavioral1
Sample
hr6z.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
hr6z.exe
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-