General
-
Target
incognito_2.zip
-
Size
24.2MB
-
Sample
240603-e3hjkscf48
-
MD5
ee4ac069a0fe67db279144aebb9e78d5
-
SHA1
193c69f743289e7db96e8a99a3601fcdb1c6d274
-
SHA256
b7defba55488199f41b756c4857db22d7188e15787e9008af1bb6983465d9e81
-
SHA512
a45615ed6745ff0f09e2edb571d91e22d95dca6a889960846438207b2a2ee5240304bc4fd65e44d7140890099b1a58b496204e44ff2eb388954e28d0c6832365
-
SSDEEP
393216:jMqhtzReutMFrrQxlL2Lm7ImA3rAFXWRi7Ytyuh21DIrwbQEnML9moapwXc:j/zNMrr51r6Hwyuh21qwbQf4oKwXc
Behavioral tasks
behavioral1: Sample incognito/INCOBYFRONBYPASS$$.exe, Resource win7-20240220-en
behavioral2: Sample incognito/INCOBYFRONBYPASS$$.exe, Resource win10v2004-20240426-en
behavioral3: Sample incognito/bin/incognito-luau.dll, Resource win7-20240221-en
behavioral4: Sample incognito/bin/incognito-luau.dll, Resource win10v2004-20240508-en
Malware Config
Targets
-
Target
incognito/INCOBYFRONBYPASS$$.exe
-
Size
23.3MB
-
MD5
ed2ce6dfacd25c327c94e635c4fc3323
-
SHA1
92d6c8f5978a7c8c7f70f5cffa5655548dfe8ca4
-
SHA256
ca0b8fc840038188315c95ed2114eb986011fde0bfde080b40aa74080128032c
-
SHA512
68c08f4fc9b33f6b01f33349aa534b4ba0c3c97c695474244a170f42b5f2c1fca3cd160004231b6f2d0e3cb7f1a25aa4fb786b1ac02c643fc3e00c1fd8766aef
-
SSDEEP
393216:Wo9DM45CsKh2Jp5M/urEUWj5EnBSVkRIrY87FNwrcf+E6PcZYE9utK+:X9NJKhNdbQzcY87Fycf+8YEWK+
-
Drops startup file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Target
incognito/bin/incognito-luau.dll
-
Size
1.3MB
-
MD5
157fd035b2a344a94166d7db3756df0e
-
SHA1
f221d28c1deb80b4e8d9201226435aefce6b0f75
-
SHA256
8716c75aff75941711aff8770836f47eb9a254416089ef3571c6fc9a338b3009
-
SHA512
fad0174fbd22f58dd4fcdaad8378c214270b4faeaca64d9cb306f50e9316072a4c417c5723c4123b8bf94a3dba6ef4e3303ec60f4a2cf0c3a54d8ab375ea717d
-
SSDEEP
24576:ZqBSLRktEBl6blwTUMD4zB1VU2bFjYWR0pMQUAqLRAovh4bSAXVVRNRfMXZO:ZqBSLRkt8l6blSU//+2bFfvA1SQVVRNk
-
Score
1/10