8129d688f39b73b2b7e1da9c1bf2aeba90ad26469cc348c89453a84f209e864e | Triage

Sharing

General

Target

redirect
Size

6KB
Sample

240925-rca32aygqk
MD5

784a30bb8f34ab937b9195be59e0af44
SHA1

85e81c6c8e32612ff12fab5b3a3dc4a30a387aea
SHA256

8129d688f39b73b2b7e1da9c1bf2aeba90ad26469cc348c89453a84f209e864e
SHA512

3b7ae5d303c953fb4d33c3bcc82b5ab22296c85a1a1ec068f8a2fe073e85df127720e75975ddae6641fe200b6d7e5e48e0f9dcf9e63a1b117224041946653d78
SSDEEP

192:dUpHLxX7777/77QF7tyrK50Lod4BYCIkQOKXU7t:dcr5HYx0+CIkQOKXa

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  redirect
- Size
  
  6KB
- MD5
  
  784a30bb8f34ab937b9195be59e0af44
- SHA1
  
  85e81c6c8e32612ff12fab5b3a3dc4a30a387aea
- SHA256
  
  8129d688f39b73b2b7e1da9c1bf2aeba90ad26469cc348c89453a84f209e864e
- SHA512
  
  3b7ae5d303c953fb4d33c3bcc82b5ab22296c85a1a1ec068f8a2fe073e85df127720e75975ddae6641fe200b6d7e5e48e0f9dcf9e63a1b117224041946653d78
- SSDEEP
  
  192:dUpHLxX7777/77QF7tyrK50Lod4BYCIkQOKXU7t:dcr5HYx0+CIkQOKXa
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2