d9dbfbc8294cbf6a32d43413ed328594ee058d7356c26eb5cd196f9f4867c078 | Triage

Sharing

General

Target

66ed86be077bb_12.exe
Size

10.3MB
Sample

240925-yllz8axfpg
MD5

489f9c4fc0afa8d1be37bc5e2f57833b
SHA1

c2bac602a73c19b345b64e0b7cf2f837be307b61
SHA256

d9dbfbc8294cbf6a32d43413ed328594ee058d7356c26eb5cd196f9f4867c078
SHA512

7f43d972f58a025d09143c57351221fe7b10c1756a0c5578ac42698c21ea05986d4bbc0c7ff4be339c2d0930b505e4f4dda53c0800d84b059a21be938adb678e
SSDEEP

196608:I7A71NIOC732QZMymBHd+3WGeFdJJMGHPP/CPZ5za/+qKcDxNY5fv7RFHnTKm:IA5NIOC73RdmB9+ReFV/m5zQAfHHTF

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  66ed86be077bb_12.exe
- Size
  
  10.3MB
- MD5
  
  489f9c4fc0afa8d1be37bc5e2f57833b
- SHA1
  
  c2bac602a73c19b345b64e0b7cf2f837be307b61
- SHA256
  
  d9dbfbc8294cbf6a32d43413ed328594ee058d7356c26eb5cd196f9f4867c078
- SHA512
  
  7f43d972f58a025d09143c57351221fe7b10c1756a0c5578ac42698c21ea05986d4bbc0c7ff4be339c2d0930b505e4f4dda53c0800d84b059a21be938adb678e
- SSDEEP
  
  196608:I7A71NIOC732QZMymBHd+3WGeFdJJMGHPP/CPZ5za/+qKcDxNY5fv7RFHnTKm:IA5NIOC73RdmB9+ReFV/m5zQAfHHTF
Score

6^/10

discovery
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2