General

  • Target

    Client.zip

  • Size

    436KB

  • Sample

    240904-117xcaxdkq

  • MD5

    73ca64bf5fa610aeb8f88d6ddf290fbe

  • SHA1

    f34b411d3fe61c4f19aca8b23b69334820486e72

  • SHA256

    88fe81af41c3cbd4912c0705cd35a3f0914556799f5c9bccfed3c549abed5e45

  • SHA512

    55db79c79357030b38b1eb111756833a05dba8eb8fd34e0910f7b16037d0bfda181f6268ac43674b6d6465a3fae167251fb334392b3fba37626ff70dcdef2da2

  • SSDEEP

    12288:Fo46nrgMkTtoxVTQbSSb9smfV+U+pDFvtHuNJZ0IuP+o:K46reMVTQLvt+UIv9u/3o

Score
7/10

Malware Config

Targets

    • Target

      Client.zip

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
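The digests above identify the submitted archive, not the EXE and DLL that the sandbox reports being dropped and executed from it. The following Python is an added example, not part of the sandbox report or of any tool it describes: it recomputes MD5/SHA1/SHA256/SHA512 over a local file and compares them with the values listed on this page (so you can confirm you are holding the same Client.zip before analysing it), and it hashes every member of the archive in memory so the dropped files can be pivoted on as well. SSDEEP is omitted because it needs the third-party ssdeep module and is a fuzzy match rather than an exact one. The archive built by `build_sample_zip()` and its member names `sample.exe`/`sample.dll` are constructed stand-ins, not the real contents of Client.zip, and the 64 MiB per-member cap is an assumed defensive default.

```python
import hashlib
import io
import sys
import zipfile

# Exact digests reported for Client.zip on this page (SSDEEP deliberately omitted).
REPORTED = {
    "md5": "73ca64bf5fa610aeb8f88d6ddf290fbe",
    "sha1": "f34b411d3fe61c4f19aca8b23b69334820486e72",
    "sha256": "88fe81af41c3cbd4912c0705cd35a3f0914556799f5c9bccfed3c549abed5e45",
    "sha512": (
        "55db79c79357030b38b1eb111756833a05dba8eb8fd34e0910f7b16037d0bfda"
        "181f6268ac43674b6d6465a3fae167251fb334392b3fba37626ff70dcdef2da2"
    ),
}

ALGOS = ("md5", "sha1", "sha256", "sha512")


def compute_digests(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in ALGOS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def check_against_report(data: bytes, reported: dict = REPORTED) -> dict:
    """Compare each reported digest with the one computed over `data`.

    Returns {algorithm: bool}. Any False means the bytes in hand are not the
    file the sandbox analysed, so none of the reported behaviour can be
    attributed to them.
    """
    actual = compute_digests(data)
    return {algo: actual[algo.lower()] == value.lower() for algo, value in reported.items()}


def hash_zip_members(zip_bytes: bytes, max_member_bytes: int = 64 * 1024 * 1024) -> dict:
    """Hash every regular-file member of a ZIP without writing anything to disk.

    The dropped EXE/DLL the report mentions live inside the archive, so their
    digests are what you pivot on in threat-intel and EDR searches. Members
    whose declared size exceeds `max_member_bytes` (assumed cap) are skipped
    rather than decompressed, as a cheap guard against zip bombs.
    """
    members = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > max_member_bytes:
                members[info.filename] = {"size": info.file_size, "skipped": True}
                continue
            data = zf.read(info)  # decompressed into memory only
            members[info.filename] = {"size": len(data), **compute_digests(data)}
    return members


def build_sample_zip() -> bytes:
    """Constructed stand-in archive for offline testing; NOT the real Client.zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample.exe", b"abc")  # constructed member content
        zf.writestr("sample.dll", b"")     # constructed empty member
    return buf.getvalue()


def main(argv: list) -> int:
    """Usage: python verify_sample.py Client.zip  (falls back to the constructed archive)."""
    if len(argv) > 1:
        with open(argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = build_sample_zip()
    print("report match:", check_against_report(data))
    for name, digests in hash_zip_members(data).items():
        print(name, digests)
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against the downloaded sample first; only when every entry in the report-match dictionary is True do the member digests it prints belong to the artefacts this report describes.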

MITRE ATT&CK Enterprise v15

Tasks