General
-
Target
yes.exe
-
Size
70.2MB
-
Sample
240604-f3encsee4y
-
MD5
468fa21c606be78cc17425d912a66868
-
SHA1
09c2d8e3d1d822040584422c7f320ef7785d9a7f
-
SHA256
00010543ac7bfee0ce136bcd39b297e71af88b350754ba31742c6e9ad49f69b1
-
SHA512
52b60d9e30d884e104e7a629d32270c3e9984a94736b2900d846257a4425a6b9fb910d91455de6ab1d621f831b9c2bbeef762e5505c7f477ae26a7968ff30e57
-
SSDEEP
1572864:yYQtvpXFP/V4f6Gj53ikjt4jRq2GqFOPV58W+eHU2qHWB75izWm/mlWA2zSJ9gQ:H6t/VG6RmtCRlGPrXk2qHO5iqzv2GJ9g
Behavioral task
behavioral1
Sample
yes.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
yes.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
yes.exe
Score
7/10
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-