General
Target: 3d8a1274c158597b5f19a3a5e3585359.bin
Size: 30.1MB
Sample: 240730-xcrcxasgqr
MD5: 3d8a1274c158597b5f19a3a5e3585359
SHA1: 2e230262da6e67c3453f3a27d71f85368db28797
SHA256: 86b81bf7f83767c4934acaacdc5969d71c3ba8d897447993a4a6ebaaf23dfb6b
SHA512: 76031a816caa45a30d4cc14299b4d5b61a63f829212239db53e616e93503da62589c1fc4c62e16dec7e9d9ef4b7fb997ada6ea3d471585a5ee6ec57ad0ef9f29
SSDEEP: 786432:bCG6YUg4E4NakUtnEfz7vr85ienl0Zsgf68S1eQ/7:GG6YU1E4NNY5grS1eQ/7
Static task: static1
Behavioral task: behavioral1
Sample: 3d8a1274c158597b5f19a3a5e3585359.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 3d8a1274c158597b5f19a3a5e3585359.exe
Resource: win10v2004-20240730-en
Malware Config
Extracted
C:\Users\Admin\AppData\Local\@[email protected]
wannacry
12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw
Targets
-
PrivateLoader
PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
-
XMRig Miner payload
-
Modifies file permissions
-
File and Directory Permissions Modification: Windows File and Directory Permissions Modification
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-