Overview

overview

8

Static

static

1

http45.151...xe.txt

windows10-1703-x64

8

Resubmissions

24/08/2024, 19:10

240824-xvmgnsvarc 10

24/08/2024, 18:56

240824-xlh3wstfpb 4

23/08/2024, 11:21

240823-nf4mza1bqc 4

23/08/2024, 11:13

240823-nbkz3azhrc 10

23/08/2024, 11:10

240823-m9qsjashrq 4

22/08/2024, 07:12

240822-h1kgyaxfpj 1

22/08/2024, 07:06

240822-hxesaaxenm 10

22/08/2024, 07:00

240822-hs54nsxdln 10

22/08/2024, 06:36

240822-hc93patara 8

22/08/2024, 06:32

240822-ha293awfnl 1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    http45.151.62.96setup.exe.txt

  • Size

    29B

  • Sample

    240822-hc93patara

  • MD5

    688fe12c2f39d3d739a04e6c89b1b22f

  • SHA1

    e2ea25ad47861e77b912026839666d3a99f5c90b

  • SHA256

    35e4cca77e38bd9beaf4a33c97a6f2464ca5ff63bbcf59831bd829b4683fda3c

  • SHA512

    f56694118d4adee2e0c65fb28c3ef86bc5db032656e2306e02e0f5b19706e260f0505ee97f5068d07ae5149a410a15eccd3ebc758d216a5549d7dc0de52834ac

Score
8/10
defense_evasiondiscoveryexecution

Malware Config

Targets

    • Target

      http45.151.62.96setup.exe.txt

    • Size

      29B

    • MD5

      688fe12c2f39d3d739a04e6c89b1b22f

    • SHA1

      e2ea25ad47861e77b912026839666d3a99f5c90b

    • SHA256

      35e4cca77e38bd9beaf4a33c97a6f2464ca5ff63bbcf59831bd829b4683fda3c

    • SHA512

      f56694118d4adee2e0c65fb28c3ef86bc5db032656e2306e02e0f5b19706e260f0505ee97f5068d07ae5149a410a15eccd3ebc758d216a5549d7dc0de52834ac

    Score
    8/10
    defense_evasiondiscoveryexecution

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Command and Scripting Interpreter: AutoIT

      Using AutoIT for possible automate script.

      execution

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks