d4b0cc69b0f59b89aa6b5eca4a30526b07c091a4fe0279d0a6e140e779e9f0cc | Triage

Sharing

General

Target

d4b0cc69b0f59b89aa6b5eca4a30526b07c091a4fe0279d0a6e140e779e9f0ccN
Size

75KB
Sample

240928-xmzf9s1eqr
MD5

de390e47a6cee477ad76e4ff0f20c1f0
SHA1

0ef6ded4deda1bb1fb7c5459866f263d48839b82
SHA256

d4b0cc69b0f59b89aa6b5eca4a30526b07c091a4fe0279d0a6e140e779e9f0cc
SHA512

7afd100f47c9cc8b00011f3428650e18b0542dd359f28093eb4c125c824311b598d0feff1db991f98ecc7f88f9c1f3170615f8c53492f3f9c611cc45f335ffe1
SSDEEP

1536:UyqAXcrg4uQHPSC/+C4O1xLXuGNl7DDhlQeU79WwxF3Wp:U3B/+UxLXuGNlHDhpUkwSp

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  d4b0cc69b0f59b89aa6b5eca4a30526b07c091a4fe0279d0a6e140e779e9f0ccN
- Size
  
  75KB
- MD5
  
  de390e47a6cee477ad76e4ff0f20c1f0
- SHA1
  
  0ef6ded4deda1bb1fb7c5459866f263d48839b82
- SHA256
  
  d4b0cc69b0f59b89aa6b5eca4a30526b07c091a4fe0279d0a6e140e779e9f0cc
- SHA512
  
  7afd100f47c9cc8b00011f3428650e18b0542dd359f28093eb4c125c824311b598d0feff1db991f98ecc7f88f9c1f3170615f8c53492f3f9c611cc45f335ffe1
- SSDEEP
  
  1536:UyqAXcrg4uQHPSC/+C4O1xLXuGNl7DDhlQeU79WwxF3Wp:U3B/+UxLXuGNlHDhpUkwSp
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2