General
Target: total.exe
Size: 15.7MB
Sample: 240621-glht5azbkh
MD5: 3f99a7f33cb7f423ac019daa0f9fa3ee
SHA1: 1f254de90fb69873a3bd4d5a2aa292a2c6b60178
SHA256: 13241a42849c36ee19303234c9b65770dcefdee962f40468201d044af8292d4a
SHA512: e0f3a472a36f40c8ea7386cb664aaf82e371fc65d80b7b70f330fc20a82d2d8ea062b1fcb8ab285afefc5159ca59d5c7be00c4f25dececa74670061f5e4a030c
SSDEEP: 393216:lo9DM45UUDtSJurEUWjagZew3m6bjHTw6:K9N6cYdb9Zew3mUHJ
Behavioral task: behavioral1
Sample: total.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: total.exe
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: total.exe
- Drops startup file
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.