94e9431789ddd3ba6e910053790bd126d43439404254faeb4a66941dbd061213 | Triage

Resubmissions

05-10-2024 15:05

241005-sf8zxazfna 7

05-10-2024 15:02

241005-sesxaszfle 3

Sharing

General

Target

spoofer.exe
Size

18.6MB
Sample

241005-sf8zxazfna
MD5

65e4a56f0470b56cbb754bb1d910a480
SHA1

216b062f017a484bbfd8bcdf8957836eb1017c78
SHA256

94e9431789ddd3ba6e910053790bd126d43439404254faeb4a66941dbd061213
SHA512

e9256791635ce0eb8d82779a415488772999a89849beb9f79d35a8eb9ee3b87703b597b34e4623df0717aff861da03d46fd0f7227cbe4c107ae9246ef2b3cbe0
SSDEEP

393216:5a59h1CLAM/vYDuVAoDjakkwYpebelQgh9Ctx0nWjEp1z:5aAAy2oD7Y4bMQg3Ctx0nWjg

Score

7^/10

Malware Config

Targets

- Target
  
  spoofer.exe
- Size
  
  18.6MB
- MD5
  
  65e4a56f0470b56cbb754bb1d910a480
- SHA1
  
  216b062f017a484bbfd8bcdf8957836eb1017c78
- SHA256
  
  94e9431789ddd3ba6e910053790bd126d43439404254faeb4a66941dbd061213
- SHA512
  
  e9256791635ce0eb8d82779a415488772999a89849beb9f79d35a8eb9ee3b87703b597b34e4623df0717aff861da03d46fd0f7227cbe4c107ae9246ef2b3cbe0
- SSDEEP
  
  393216:5a59h1CLAM/vYDuVAoDjakkwYpebelQgh9Ctx0nWjEp1z:5aAAy2oD7Y4bMQg3Ctx0nWjg
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2