General

  • Target

    Sigma.exe

  • Size

    8.9MB

  • Sample

    240529-tynmcscc52

  • MD5

    ae4850a7d9aab7cb113da5756c90975b

  • SHA1

    7b7076fe04541fb055debc781c67af7d0c978a45

  • SHA256

    aa58cb8cc315633e41d1b602e45f18a54f560eefcd58b6974c18a31b1231f2de

  • SHA512

    8907bc78ed8cd917e6bfb1241d320fead1cf86895e13a274faee173660562eadcf1a0c2ca7d67e16872e7d71b17d0af16fd91b993faf35ef409e754992b00f92

  • SSDEEP

    196608:nhZgNXLdqBA1HeT39IigQdeE9TFa0Z8DOjCdyltX/O2EnQf/RoXKh:mXL4q1+TtIiLUY9Z8D8CclVNEQCXKh

Score
7/10

Targets

    • Target

      Sigma.exe

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
