General
-
Target
free hecks.exe
-
Size
20.2MB
-
Sample
241103-zw52hstmby
-
MD5
53b134826d5c036f87e2acc22b10b159
-
SHA1
50c698af25e92c46d78e04519454389fca9795fb
-
SHA256
0e414694d08123f2f0639603ff0f3c8105554653d393a20d42b295cc74882244
-
SHA512
bbfc7ee8e65fe2209b0f4186c5eb1309940b804694e746f96bcfa050bc41654e14b727923d934b459676d2cfe4747b3f2c9ab4ec3cef005f4ccbbf1a7e154c3b
-
SSDEEP
393216:q2L7Y1RtByxjXBYFzLNHyZOOOOOOOOOOOOOn3F7nSGt7G/8MQc/jTiNV2ZgZdZnL:UtAj2PyUln+PQajEV2Z23F
Behavioral task
behavioral1
Sample
free hecks.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
free hecks.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Drops startup file
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1