5f9ef50c64a2a702e38b3a684cf2e5e1f24dca2d71b56d097262913ed6466318 | Triage

Sharing

General

Target

5f9ef50c64a2a702e38b3a684cf2e5e1f24dca2d71b56d097262913ed6466318N
Size

68KB
Sample

241017-yvf6bstdnf
MD5

456c408cd1d72f9ca7974483cdfc2f40
SHA1

b753d4c32e82f51122f874ce50406ba272a7b7cb
SHA256

5f9ef50c64a2a702e38b3a684cf2e5e1f24dca2d71b56d097262913ed6466318
SHA512

5ec617169281947db05cf28556f984a723448ba3788712f455b9da455ea543783267dcf8b7197f75aabb953394aa0065cde3c240dd0ef66717dfd043c8ba1c21
SSDEEP

1536:t0GIXAic1p4Ox5/P6471d+oNQvX7XLUNmAVqxh22zkZ5ZZ:iX9071d+97XLUNmKqVz0Z

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5f9ef50c64a2a702e38b3a684cf2e5e1f24dca2d71b56d097262913ed6466318N
- Size
  
  68KB
- MD5
  
  456c408cd1d72f9ca7974483cdfc2f40
- SHA1
  
  b753d4c32e82f51122f874ce50406ba272a7b7cb
- SHA256
  
  5f9ef50c64a2a702e38b3a684cf2e5e1f24dca2d71b56d097262913ed6466318
- SHA512
  
  5ec617169281947db05cf28556f984a723448ba3788712f455b9da455ea543783267dcf8b7197f75aabb953394aa0065cde3c240dd0ef66717dfd043c8ba1c21
- SSDEEP
  
  1536:t0GIXAic1p4Ox5/P6471d+oNQvX7XLUNmAVqxh22zkZ5ZZ:iX9071d+97XLUNmKqVz0Z
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2