General

  • Target

    hentaify.exe

  • Size

    6.9MB

  • Sample

    241013-tvm7eszfpm

  • MD5

    e8cf0ef6476bdf2318d144bc812ab47a

  • SHA1

    c895180a4a0e209fd8fd8b164fa178639acd32e4

  • SHA256

    20925f1f298f2e74dc5134ac5698713ff76e50677860aa8e85a482a6a33c4c19

  • SHA512

    a8221086e9313f6be84fb37c8ddcdc1d5c1dd7334e9a7d7d822a413db7f2beb3d7ba781be79d5a5d1f31f6feef310a0f6d0ddf9f90a80b8b0b777033c24ba0d1

  • SSDEEP

    98304:avn+j5gRxm0mmnCkPMl6ygdafYr1+G3+nZ4UksL98So8Y2++qs:avQ5gDRmmCkEl6PPM7b98h8Yl

Score
6/10

Malware Config

Targets

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks