General
Target
https://objects.githubusercontent.com/github-production-release-asset-2e65be/468282768/b805d0b6-8973-4fa6-8b5e-c37af2075037?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241030T152032Z&X-Amz-Expires=300&X-Amz-Signature=2b300efe882f55895b03a6680744bea23a878ae590b4481cd42cb67d3f163a13&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DTrafficerMC-3.1-windows-x64.exe&response-content-type=application%2Foctet-stream
Sample
241030-ssx36sxngr
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://objects.githubusercontent.com/github-production-release-asset-2e65be/468282768/b805d0b6-8973-4fa6-8b5e-c37af2075037?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241030T152032Z&X-Amz-Expires=300&X-Amz-Signature=2b300efe882f55895b03a6680744bea23a878ae590b4481cd42cb67d3f163a13&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DTrafficerMC-3.1-windows-x64.exe&response-content-type=application%2Foctet-stream
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
https://objects.githubusercontent.com/github-production-release-asset-2e65be/468282768/b805d0b6-8973-4fa6-8b5e-c37af2075037?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241030T152032Z&X-Amz-Expires=300&X-Amz-Signature=2b300efe882f55895b03a6680744bea23a878ae590b4481cd42cb67d3f163a13&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DTrafficerMC-3.1-windows-x64.exe&response-content-type=application%2Foctet-stream
Resource
android-x64-arm64-20240624-en
Malware Config
Targets
Target
https://objects.githubusercontent.com/github-production-release-asset-2e65be/468282768/b805d0b6-8973-4fa6-8b5e-c37af2075037?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241030%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241030T152032Z&X-Amz-Expires=300&X-Amz-Signature=2b300efe882f55895b03a6680744bea23a878ae590b4481cd42cb67d3f163a13&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3DTrafficerMC-3.1-windows-x64.exe&response-content-type=application%2Foctet-stream
Score
8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.