01e1ba7da4ba0dab57d85b6d587032b746827773e607c77d5f6b0014df24b711 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01e1ba7da4ba0dab57d85b6d587032b746827773e607c77d5f6b0014df24b711
Size

92KB
Sample

240911-wq65vavgjb
MD5

6be009917289ab74d4e0030c26367323
SHA1

ae6908af66e3c3fdd462c4193934f25c59d9d58e
SHA256

01e1ba7da4ba0dab57d85b6d587032b746827773e607c77d5f6b0014df24b711
SHA512

c943ec2007d7335575c67ece62fe5d8cd7c2d8ea0d770832aa7bb344a105e291be877d6822f87fe1da0148118028e070015eb181ec9aa405238f859da0ff79af
SSDEEP

1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9AwkD2Y8T9NhOUws1MK:jqBG0+4xlX9qNlmWhjUGwdb

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  01e1ba7da4ba0dab57d85b6d587032b746827773e607c77d5f6b0014df24b711
- Size
  
  92KB
- MD5
  
  6be009917289ab74d4e0030c26367323
- SHA1
  
  ae6908af66e3c3fdd462c4193934f25c59d9d58e
- SHA256
  
  01e1ba7da4ba0dab57d85b6d587032b746827773e607c77d5f6b0014df24b711
- SHA512
  
  c943ec2007d7335575c67ece62fe5d8cd7c2d8ea0d770832aa7bb344a105e291be877d6822f87fe1da0148118028e070015eb181ec9aa405238f859da0ff79af
- SSDEEP
  
  1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9AwkD2Y8T9NhOUws1MK:jqBG0+4xlX9qNlmWhjUGwdb
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2