General
Target: 6610a5896fe0895ed5ca90f938906372.bin
Size: 764KB
Sample: 240727-ce8dzszejj
MD5: 6b97cee0922b799d0948604dd02ed42a
SHA1: 79283f15b1cdddb06e5a1ac73bbf3ff964812142
SHA256: 61be0b9e7904f668394ac3ac76f308b1afa8c7f485ce10365dfe826569c7bd7a
SHA512: 9d7f17b322042f7b6fa852ff66b79eb0fba2a6fdc77825d3606b1c940a90279c80c6ad447ea6a2faeb2959eca3b385511a9ae7cc0f33a413dcc0a36535a60380
SSDEEP: 12288:nRuY+ez6/xPSGc+SkNOsqFfG1dX7w+K3EImdET+6yoew+MQuLJLdiggOnU/AM:R3r6/dSGc+SklqFG7K3E3Oa6flN963
Static task: static1
Behavioral task: behavioral1
  Sample: 31c28bce87bf83996ccbd1e7bea5de7a75b5f840df1e108f6792d5b17185da66.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 31c28bce87bf83996ccbd1e7bea5de7a75b5f840df1e108f6792d5b17185da66.exe
  Resource: win10v2004-20240709-en
Malware Config
Extracted
Protocol: smtp
Host: mail.lenteraandalan.com
Port: 587
Username: [email protected]
Password: merah2005
Targets
Target: 31c28bce87bf83996ccbd1e7bea5de7a75b5f840df1e108f6792d5b17185da66.exe
Size: 1.2MB
MD5: 6610a5896fe0895ed5ca90f938906372
SHA1: b31f809206ea7352a8e2707bece1b087ded10ab1
SHA256: 31c28bce87bf83996ccbd1e7bea5de7a75b5f840df1e108f6792d5b17185da66
SHA512: 4528dd35d5d2e37c0e3597ac02e07f420e3671d6336bef00870d101ab50348556a4eb796bc1b462a8c5f22393917c0c958ce37323e2ec8ff75398696f5e2830b
SSDEEP: 24576:KqDEvCTbMWu7rQYlBQcBiT6rprG8aPUJOy2AwxelFby:KTvC/MTQYxsWR7aPby2Txeb
Score: 10/10
- Disables Task Manager via registry modification
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext