86b196da8b6f666ff590a82fd85f86c1617e6d829ca2dcaab7f58c1c838ad71b | Triage

Sharing

General

Target

64fedf40a64790ecd275187460389c40N
Size

69KB
Sample

240913-atp5vavbrc
MD5

64fedf40a64790ecd275187460389c40
SHA1

dd91448f60a15a61b676e7ca9c2b292528e5691b
SHA256

86b196da8b6f666ff590a82fd85f86c1617e6d829ca2dcaab7f58c1c838ad71b
SHA512

a9c26a35d6a7108eb6b195a30184cf7e3e42c21b1ad056ce7b94c1ab2b94da57c7219d2213632a1eb78543b674605d4f85a25d4d3df75c5646416394ec2d61b0
SSDEEP

1536:5OYV9aUjJucIQgu1vPIWE+b2SoJX1LNdAWNjtDTGUnqrs7kC:8URE+VoJX1LNdVVtOU6sIC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  64fedf40a64790ecd275187460389c40N
- Size
  
  69KB
- MD5
  
  64fedf40a64790ecd275187460389c40
- SHA1
  
  dd91448f60a15a61b676e7ca9c2b292528e5691b
- SHA256
  
  86b196da8b6f666ff590a82fd85f86c1617e6d829ca2dcaab7f58c1c838ad71b
- SHA512
  
  a9c26a35d6a7108eb6b195a30184cf7e3e42c21b1ad056ce7b94c1ab2b94da57c7219d2213632a1eb78543b674605d4f85a25d4d3df75c5646416394ec2d61b0
- SSDEEP
  
  1536:5OYV9aUjJucIQgu1vPIWE+b2SoJX1LNdAWNjtDTGUnqrs7kC:8URE+VoJX1LNdVVtOU6sIC
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2