d4d34133c54f58b3ce7bf0e0d680849483f6c94dce8b71758557d1eca7542f89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd4e4b00c31293aae2be359f113eba20N.exe
Size

34KB
Sample

240817-h8elnaxckm
MD5

cd4e4b00c31293aae2be359f113eba20
SHA1

e866ae528b057332b430c66d9a824aa3fd32bfea
SHA256

d4d34133c54f58b3ce7bf0e0d680849483f6c94dce8b71758557d1eca7542f89
SHA512

3ecf4ce6fe8947e1bddc041054606b0c53dcdef3184015468db7fb88c2ff38a4ed57573d23004f965b426819738c061c065c7212daf2ce96ec6864fab2b5ec2d
SSDEEP

768:6eeI2//kFi7tCV6rtfZYjBUfyL4Mk9WBNvnFRtD5n:622nkFi7thRfZYtUfyL4Mk9WBNXt1n

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  cd4e4b00c31293aae2be359f113eba20N.exe
- Size
  
  34KB
- MD5
  
  cd4e4b00c31293aae2be359f113eba20
- SHA1
  
  e866ae528b057332b430c66d9a824aa3fd32bfea
- SHA256
  
  d4d34133c54f58b3ce7bf0e0d680849483f6c94dce8b71758557d1eca7542f89
- SHA512
  
  3ecf4ce6fe8947e1bddc041054606b0c53dcdef3184015468db7fb88c2ff38a4ed57573d23004f965b426819738c061c065c7212daf2ce96ec6864fab2b5ec2d
- SSDEEP
  
  768:6eeI2//kFi7tCV6rtfZYjBUfyL4Mk9WBNvnFRtD5n:622nkFi7thRfZYtUfyL4Mk9WBNXt1n
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2