5d027a536945d6d4d6d26fa9d1ffe44a4d6fdd3470fef63df964356068e84498 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a4e41c6e63bcc702fe7f7ff030cf210N
Size

68KB
Sample

240913-zxjvnszbjf
MD5

5a4e41c6e63bcc702fe7f7ff030cf210
SHA1

0bd2e684c7ad8987184000e410aaec838376f7fa
SHA256

5d027a536945d6d4d6d26fa9d1ffe44a4d6fdd3470fef63df964356068e84498
SHA512

ea9d9d0d93739ebcfb5d493eef7f85212256009b6b46a93eac9cba12dec40be3dee385bb41cf1b04fcff212a90d2d456f786afe3ae1af9064bb0ce7eff3ab12b
SSDEEP

1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9Awh:jqBG0+4xlX9qNlmWhjUGwh

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5a4e41c6e63bcc702fe7f7ff030cf210N
- Size
  
  68KB
- MD5
  
  5a4e41c6e63bcc702fe7f7ff030cf210
- SHA1
  
  0bd2e684c7ad8987184000e410aaec838376f7fa
- SHA256
  
  5d027a536945d6d4d6d26fa9d1ffe44a4d6fdd3470fef63df964356068e84498
- SHA512
  
  ea9d9d0d93739ebcfb5d493eef7f85212256009b6b46a93eac9cba12dec40be3dee385bb41cf1b04fcff212a90d2d456f786afe3ae1af9064bb0ce7eff3ab12b
- SSDEEP
  
  1536:jqBcjcygYu1nPyh0+mVVxlX9qNlmDWhX4eUH9Awh:jqBG0+4xlX9qNlmWhjUGwh
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2