General
-
Target
Wave.exe
-
Size
29.2MB
-
Sample
240909-zkpkds1ema
-
MD5
53f62792c95ea15ad277bbbd476c4d2b
-
SHA1
2932b860b79ec5ec696d106e10a9fb3ec1579d0a
-
SHA256
40ceed725ff1b1a362975b294f164d085d230d79b793ab4309b6d11d365e4160
-
SHA512
8f0b4cc0d594e5cabef793d9753d5497db877b81841c859fffdc431dab582c2f288f5216ec56529c5b3b8ca9fdbb572ab78b8de20a15cc0f87a9f7686e32e02b
-
SSDEEP
786432:p9N7BdbBQJbTiumfSM2ocESWqE9XZ6+eRyfrchLoF:/Ntd6xTivfSIfqi9rchoF
Static task
static1
Behavioral task
behavioral1
Sample
Wave.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
Wave.exe
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-