General
Target: yes.exe
Size: 70.2MB
Sample: 240604-f5d5lsef2s
MD5: 569b71197a5b09623d13601e2e7eb77b
SHA1: 712a62fc11f6d05c27ff82b86dd714e7f6f02b35
SHA256: c1bcda6e790985530b5f15018ce2d6bb990f78c6d8b4f5609493d7718ae7b414
SHA512: 32acda68c69933b3af398b44ace67fdfb9a968bb5505023d05fea09f60ebdd0f25e7be08bf240b45ce763424f4751b8cde343f87d8b65b25748e0be46b687cc0
SSDEEP: 1572864:YYQtvpXFP/V4f6Gj53ikjt4jRq2GqFOPV58W+eHU2qHWB75izWm/mlWA2zSJ9gQ:p6t/VG6RmtCRlGPrXk2qHO5iqzv2GJ9g
Behavioral task: behavioral1
Sample: yes.exe
Resource: win10-20240404-en
Behavioral task: behavioral2
Sample: yes.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: yes.exe
Score: 7/10
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.