General

  • Target

    19880648061.zip

  • Size

    278KB

  • Sample

    241112-qykzpasngs

  • MD5

    ba93984cf9a723a73d0f658c0d9044a6

  • SHA1

    92c0cd828ab49246f196b95b8b9faabbdf035fa7

  • SHA256

    9037b14e7142ad9e8c2d4d3de5026376c070e242a19640aa20fe87175d31f5e9

  • SHA512

    855e69443b7a2577e85b463fc0e1082680e69de10bf05fa8fadca4bf5c5c5d7f899d51b828e862490b5e013d7736239a249c18109b9a078a6407166b3594c3ca

  • SSDEEP

    6144:QxubbHf+aFAzXl9xs5pPVO4xd/v1iW74f6XtF/IR:Qsb+8CXlAd1xd/oS4f6XtOR

Targets

    • Target

      393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92

    • Size

      719KB

    • MD5

      c6f4e6ab48016a1efe0564874e876349

    • SHA1

      dd2f7a925aa5d0b5eb1f274a1ba002af05637844

    • SHA256

      393a30051036ddae7fc90f6ee1dd79889871a95b9346efc75a3bbd3ab1ffea92

    • SHA512

      af9dde2fec614d6db6e33b0d62583647c4d773dbf82820af99d51fcccc84b02fbc0f19062ae733a01f90bc628aa8c42a49d9f07e3d1cd66f0a836e1ca80e88ee

    • SSDEEP

      12288:HHiBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTU:niBjk38WuBcAbwoA/BkjSHXP36RMG

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
