General
-
Target
DevolucionImpuestopiendenteTGR_16081.zip
-
Size
309KB
-
Sample
240822-rxw61avcmj
-
MD5
f925049f2e5239be705f58aaeab3f08e
-
SHA1
1021bae0eb6cf578306b8ce5dcce3d566c42b836
-
SHA256
dc626f8f3b32c1e751d02c3e881bdfdc701a8db9dcb11a424b68f69fd7c4ce5c
-
SHA512
d658e2c045670ca9fc02041796a961c8f1ab87a575ede85c01997c20038e4edd4778271477c9565c83073cd0aea0e0c89c9f734c6f957211f2a61ca51e88c5e5
-
SSDEEP
6144:H3a1YunFgHLuIJCIMmzEeX6f3MUI1Fuwa93ioZxkzQAqniu7jblEG5sQ71wJiZrm:qYuFgHd8I9zEa6vMUqk3ioHTPiuxH5sR
Behavioral task: behavioral1; Sample: DevolucionImpuestopiendenteTGR_16081.zip; Resource: win7-20240704-en
Behavioral task: behavioral2; Sample: DevolucionImpuestopiendenteTGR_16081.zip; Resource: win10v2004-20240802-en
Behavioral task: behavioral3; Sample: -.exe; Resource: win7-20240708-en
Behavioral task: behavioral4; Sample: -.exe; Resource: win10v2004-20240802-en
Behavioral task: behavioral5; Sample: DevolucionImpuestopiendenteTGR_b1Gz5R2UBS.cmd; Resource: win7-20240708-en
Behavioral task: behavioral6; Sample: DevolucionImpuestopiendenteTGR_b1Gz5R2UBS.cmd; Resource: win10v2004-20240802-en
Malware Config
Targets
-
-
Target
DevolucionImpuestopiendenteTGR_16081.zip
Score 1/10
-
-
Target
-
-
Size
325KB
-
MD5
04704493bcdc4d0c1c9d0fd8ebf5afbc
-
SHA1
95d64b037a8d0c5d8318a7c1429d89529ac5c766
-
SHA256
28225c5622637cdaed8342e14560e8de7b53dd6ba145d973643fc4b5bdd67b75
-
SHA512
ed06b9f7931326ff6923b65e95db45931b21995aa8b52eb26f578017e5b60bee7139251bc3fedc65fc7becb7e1d7d4dfdaa17361d01d8d36ebd770c9142c5c8d
-
SSDEEP
6144:daVWdyzOxeA1DfdwX3MmIO12waD3ioZjkzQAqnee7j/lEm5sQ71oJwZzyIrz:dMROxdDfOnMmXa3ioVTPee9t5sgoJqrz
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
DevolucionImpuestopiendenteTGR_b1Gz5R2UBS.cmd
-
Size
3KB
-
MD5
437232fabe2b83b0d67647378088bc64
-
SHA1
7fd0ce07fe455f483d9714322f08e9f9c860aa4f
-
SHA256
1e74435045984691a9d8bce58101b8e3509c1031142b8aedd8f81d1c67eedbd2
-
SHA512
d975f69eca32d23781408118c66a3b8bd2a6c4006eca6ea78a7ef37f7d6cb7a88422e446ebf58e650f7e84ab7fbbcd299c7cc8ba3fb68d5a0daefeb141912f3d
Score 8/10
Blocklisted process makes network request
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-