General
Target
19880648061.zip
Size
278KB
Sample
241112-qykzpasngs
MD5
ba93984cf9a723a73d0f658c0d9044a6
SHA1
92c0cd828ab49246f196b95b8b9faabbdf035fa7
SHA256
9037b14e7142ad9e8c2d4d3de5026376c070e242a19640aa20fe87175d31f5e9
SHA512
855e69443b7a2577e85b463fc0e1082680e69de10bf05fa8fadca4bf5c5c5d7f899d51b828e862490b5e013d7736239a249c18109b9a078a6407166b3594c3ca
SSDEEP
6144:QxubbHf+aFAzXl9xs5pPVO4xd/v1iW74f6XtF/IR:Qsb+8CXlAd1xd/oS4f6XtOR
Static task
static1
Behavioral task
behavioral1
Sample
393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92
Size
719KB
MD5
c6f4e6ab48016a1efe0564874e876349
SHA1
dd2f7a925aa5d0b5eb1f274a1ba002af05637844
SHA256
393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92
SHA512
af9dde2fec614d6db6e33b0d62583647c4d773dbf82820af99d51fcccc84b02fbc0f19062ae733a01f90bc628aa8c42a49d9f07e3d1cd66f0a836e1ca80e88ee
SSDEEP
12288:HHiBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTU:niBjk38WuBcAbwoA/BkjSHXP36RMG
Score
6/10
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Modify Registry: 3
Subvert Trust Controls: 1
Install Root Certificate: 1