General
Target: IMAGE LOGGER 3.5.rar
Size: 7.3MB
Sample: 240924-rp9gcsydql
MD5: ecdd04ffc12c287a7240e2e0114d0204
SHA1: 0dd2fce45d875cbdd78cd22c7d2cca0281c2e286
SHA256: ca889c0ef8a81e511b949b3cf7c2b51d378dda88f8cc545e46b292aa6bb4c49e
SHA512: 47052797a76863cc290f48a9f68a244dbe7460a48106cb60807751c0fceee925e92763fdd32c68ca1b625f15981963538210a9b6cadeb829435d08370443be20
SSDEEP: 196608:YivLbh70o9CsrpU9zwppJe6msDvAG/EcBNSj2Gar5:DvLVwSx6+KirAfcBWK

Behavioral task: behavioral1
Sample: IMAGE LOGGER 3.5.exe
Resource: win7-20240903-en

Malware Config

Targets
Target: IMAGE LOGGER 3.5.exe
Size: 10.0MB
MD5: d1f9a9801179ccadeba0ad3f17ae625c
SHA1: 2f14fc55495bf64334d4f58f9502070e2d85bb11
SHA256: e554952326f15d85c11577f2841342fffb630d492de83799ef0457f2b19af8a1
SHA512: 1e5fde6d994f7794346a36f0e34e029e806f65da3ff90db9844a444329def21834aa1372df44e47ff74bf66cdf43393b3fc1319a4c4bc5a55cf96415f9cb9ad6
SSDEEP: 196608:Nw8POLjv+bhqNVoB0SEsucQZ41JBbIM11tW:+8PyL+9qz80SJHQK1Jx1vW

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Enumerates processes with tasklist