General
Target: System_Updater.exe
Size: 8.2MB
Sample: 241109-qjjs3sverq
MD5: c40a7d89207d485bb26ae47c8188ab69
SHA1: 37a6b1670d7b045c9d9504802e6f19ccb45ac74d
SHA256: f91ef555de00d1c3c0d8dd9111610f69d28d54987c3831a383431f7414321847
SHA512: 58d81ce4975cd675039017e97a2407debdc7864eb9ac6b70e07b7b745a0aefb54045a8633db451e72372f54c3473521b090c50b938e74cdfccb801cc95d0943b
SSDEEP: 196608:ZxY2OshoKMuIkhVastRL5Di3tnSEMe9SPJ/:7Y2OshouIkPftRL540go/
Malware Config
Targets
Target: System_Updater.exe
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-