6f931f392190e906d97d292bae2e4830141f369b3544c458fdd9c5f41e105e00 | Triage

Sharing

General

Target

6f931f392190e906d97d292bae2e4830141f369b3544c458fdd9c5f41e105e00N
Size

46KB
Sample

240928-gvy8gatajb
MD5

1054f2e57c95c2e475c62a03876546c0
SHA1

7db72e4ec173aa4e5b77273a03817a3afbe07fe5
SHA256

6f931f392190e906d97d292bae2e4830141f369b3544c458fdd9c5f41e105e00
SHA512

770c53d6a78b72770d8b8809a054e5872d9c0f34ba86b850340dd7eecbdf4a13130e7bec2634bcdc010809ed120d00b27e3bbc0a886cfef8d3d4a0a0f28cc1a4
SSDEEP

768:9Y8ZGkv7+1VV+om9CKfi7tJ/4BKh1bmQLxdU2+Hkl6mv/j4iY:6eGkv7+1W9CKfi7tJ/4wHvLxt+s6AjC

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6f931f392190e906d97d292bae2e4830141f369b3544c458fdd9c5f41e105e00N
- Size
  
  46KB
- MD5
  
  1054f2e57c95c2e475c62a03876546c0
- SHA1
  
  7db72e4ec173aa4e5b77273a03817a3afbe07fe5
- SHA256
  
  6f931f392190e906d97d292bae2e4830141f369b3544c458fdd9c5f41e105e00
- SHA512
  
  770c53d6a78b72770d8b8809a054e5872d9c0f34ba86b850340dd7eecbdf4a13130e7bec2634bcdc010809ed120d00b27e3bbc0a886cfef8d3d4a0a0f28cc1a4
- SSDEEP
  
  768:9Y8ZGkv7+1VV+om9CKfi7tJ/4BKh1bmQLxdU2+Hkl6mv/j4iY:6eGkv7+1W9CKfi7tJ/4wHvLxt+s6AjC
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2