General
-
Target
Sigma.exe
-
Size
8.9MB
-
Sample
240529-tynmcscc52
-
MD5
ae4850a7d9aab7cb113da5756c90975b
-
SHA1
7b7076fe04541fb055debc781c67af7d0c978a45
-
SHA256
aa58cb8cc315633e41d1b602e45f18a54f560eefcd58b6974c18a31b1231f2de
-
SHA512
8907bc78ed8cd917e6bfb1241d320fead1cf86895e13a274faee173660562eadcf1a0c2ca7d67e16872e7d71b17d0af16fd91b993faf35ef409e754992b00f92
-
SSDEEP
196608:nhZgNXLdqBA1HeT39IigQdeE9TFa0Z8DOjCdyltX/O2EnQf/RoXKh:mXL4q1+TtIiLUY9Z8D8CclVNEQCXKh
Behavioral task
behavioral1
Sample
Sigma.exe
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
Sigma.exe
-
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-