27fdd21cafd2ae4866574dd164de56fdfe896dde66f8eede47266c7c4f610615 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f43b7146e45f554e06dc43a8add02970N.exe
Size

89KB
Sample

240819-w61m1azapb
MD5

f43b7146e45f554e06dc43a8add02970
SHA1

eadbcd92bd0999a5da93bf58ebb717414898914d
SHA256

27fdd21cafd2ae4866574dd164de56fdfe896dde66f8eede47266c7c4f610615
SHA512

6589d23866a03b4b63cff855e20da497e5f91b7bee08414d93330e8ce4f037e954f1d4adb96b2a86060fb1c0bb958c0cad30272daba9be6dbd4448f35c6bf041
SSDEEP

1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9AwkD2YelJ2OzI/8:jqBG0+4xlX9qNlmWhjUGwpd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  f43b7146e45f554e06dc43a8add02970N.exe
- Size
  
  89KB
- MD5
  
  f43b7146e45f554e06dc43a8add02970
- SHA1
  
  eadbcd92bd0999a5da93bf58ebb717414898914d
- SHA256
  
  27fdd21cafd2ae4866574dd164de56fdfe896dde66f8eede47266c7c4f610615
- SHA512
  
  6589d23866a03b4b63cff855e20da497e5f91b7bee08414d93330e8ce4f037e954f1d4adb96b2a86060fb1c0bb958c0cad30272daba9be6dbd4448f35c6bf041
- SSDEEP
  
  1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9AwkD2YelJ2OzI/8:jqBG0+4xlX9qNlmWhjUGwpd
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2