General
-
Target
ConsoleApplication2.exe
-
Size
4.4MB
-
Sample
240608-sqgcmscg91
-
MD5
7e07ccb653b3445214abdeab1aa29742
-
SHA1
1ed6f7e18df7a7608d5b036dfa853be90f80fc3f
-
SHA256
3fcc0a30d86925cfb11bcacc6cd997d8d057e65afd7d113dacc3e2f3239b387c
-
SHA512
51978d0d5922ab1e4c55601d2a94553592d1e91db3721dbeeb7e23f8a46e11375ec6661786a50d73c0d8775dd1dce7cfd0e7e5d784b1d5c7dc7bb497f74fca68
-
SSDEEP
49152:d9vc+sItdcnAC6MmT2WsdVzhX6SQpr2vsjSYvuSbeAAXaPS4t0PHf6ziJ7Wjk9qQ:d9vc+s5DkSzcDPuff
Malware Config
Targets
-
-
Target
ConsoleApplication2.exe
-
Size
4.4MB
-
MD5
7e07ccb653b3445214abdeab1aa29742
-
SHA1
1ed6f7e18df7a7608d5b036dfa853be90f80fc3f
-
SHA256
3fcc0a30d86925cfb11bcacc6cd997d8d057e65afd7d113dacc3e2f3239b387c
-
SHA512
51978d0d5922ab1e4c55601d2a94553592d1e91db3721dbeeb7e23f8a46e11375ec6661786a50d73c0d8775dd1dce7cfd0e7e5d784b1d5c7dc7bb497f74fca68
-
SSDEEP
49152:d9vc+sItdcnAC6MmT2WsdVzhX6SQpr2vsjSYvuSbeAAXaPS4t0PHf6ziJ7Wjk9qQ:d9vc+s5DkSzcDPuff
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-