General
Target: bffa662eb9d5541fcd31c45c3de688d750aafa30900342523444db0a664c5054
Size: 807KB
Sample: 241107-sp1pwsvcpj
MD5: 150b42efdbbdce04d66634b8167780e1
SHA1: 9d36a1089bb16fa3bef90501df1f03dd90119cd2
SHA256: bffa662eb9d5541fcd31c45c3de688d750aafa30900342523444db0a664c5054
SHA512: c66652ab1e7b53e482af7f3a56bdb4503cdf68a371655ea48ed8a624fea44c3aa046c5fdb51d2391dbdec50518169a039e58f260ae441dd1080b1ffe98a1163b
SSDEEP: 24576:dt7Y8R39qYXC6ruz7EFvx3EF/c34IpV6TpQv9Z6z:dt7Y89qYXC6ruz7Sw0ZKTiv+z
Static task: static1
Behavioral task: behavioral1
  Sample: Quote.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: Quote.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: Quote.exe
Size: 1.1MB
MD5: 5bd138c48435c8ce360cce3882b0d97a
SHA1: 8327b8e546c18ceedee51ebd7fc81e9026588acf
SHA256: 275b87b38617ceee81d0ae60d45795b413982680b572298273fc86399617368a
SHA512: 5b636775b3e3124db5b8121d955a08c01f96db7ac06dd9d506be21cfa54b393b5f5e78b754776a82ba969ff0bf34cda4bd435e679198725f9ac05c79020490b8
SSDEEP: 24576:pRmJkcoQricOIQxiZY1iaXURlXV6V/e3E6rJmppcxBZUB:mJZoQrbTFZY1iaXEKGdopuxkB
Score: 7/10
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext