General
Target
https://cdn.discordapp.com/attachments/1306410951045808168/1306418523181944873/Alaskan_Multi_Tool.exe?ex=67369890&is=67354710&hm=425fbfd6450d29b65ac8e3c3f29d04de434a948bdc4dfbd34d73bd498808d0c2&
Sample
241114-a6z6ksscrq
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://cdn.discordapp.com/attachments/1306410951045808168/1306418523181944873/Alaskan_Multi_Tool.exe?ex=67369890&is=67354710&hm=425fbfd6450d29b65ac8e3c3f29d04de434a948bdc4dfbd34d73bd498808d0c2&
Resource
win11-20241007-en
Malware Config
Targets
Target
https://cdn.discordapp.com/attachments/1306410951045808168/1306418523181944873/Alaskan_Multi_Tool.exe?ex=67369890&is=67354710&hm=425fbfd6450d29b65ac8e3c3f29d04de434a948bdc4dfbd34d73bd498808d0c2&
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.