General

  • Target: ca4071b32d81b7e15183a89246053b64731408d41fa26412e5709b9bc94fd4e1

  • Size: 366KB

  • Sample: 241105-b9w4rsvjep

  • MD5: 2257f5e03a3458fc694791b84647bd97

  • SHA1: 08d21f2c8efc2897ee427003b24f347fc1c3f92a

  • SHA256: ca4071b32d81b7e15183a89246053b64731408d41fa26412e5709b9bc94fd4e1

  • SHA512: e430a2bd62e9b40b3db13384c251e34016e8682c1908624779f0fc8144b3e907b7aec8a948865a5abb170a89a67f810c5b7454ac3e876d2ab141c009c8913bf7

  • SSDEEP: 6144:Mfg11TFSnoc7tzrOIrgqKp9VjMd7vZL02dIHqEnuO6Hwf9J6DCFaN1m392tpmnsg:bPTInoc7tzrOIrgljcz1ELAwH1aNC2hg

Malware Config

Targets

    • Target: adb98685d3d6a8fa5e90b6fd9d458601d874718d5815f8aab66728ba9d067440

    • Size: 773KB

    • MD5: 987d0f92ed9871031e0061e16e7bbac4

    • SHA1: b69f3badc82b6da0ff311f9dc509bac244464332

    • SHA256: adb98685d3d6a8fa5e90b6fd9d458601d874718d5815f8aab66728ba9d067440

    • SHA512: f4ecf0bd996fd9aab99eba225bed9dbe2af3f8857a32bc9f0eda2c2fe8b468f5f853e68e96c029cf4cfd161409e072777db92a7502b58b541e0057b449f79770

    • SSDEEP: 24576:guuhBzW6ZEaA9WipcnEsbsX0GMeVTwLWKEq:1gzJG6EVT+Wlq

    • Modifies Windows Defender Real-time Protection settings

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP address.

MITRE ATT&CK Enterprise v15

Tasks