General

  • Target

    e0672dfe3d6f0282ed4f3431725557910ed85929d5ce953780a4d0cabf015c9f

  • Size

    498KB

  • Sample

    241114-tclkwazqfy

  • MD5

    ad70acd3e0c73ddd546013e65aa2cffd

  • SHA1

    5408ae27e6fbe2f3b15c7ed86e11742fe60c8761

  • SHA256

    e0672dfe3d6f0282ed4f3431725557910ed85929d5ce953780a4d0cabf015c9f

  • SHA512

    0d463d7da5aa16ded3f3beb7520c4ebafb268881d77eb66719663675608f39120ea0d976bf6c66f2ef78bf869902fea33fbae54224ee9b5955e8707b56de4c2a

  • SSDEEP

    12288:bIct41DfNw8cNJJKMJd8Y82rXJRKYi816EJLjMq53IL:bbOfNwjvJjNRKxEZJLt5Q

Score
6/10

Targets

    • Target

      PO24254065.exe

    • Size

      1.1MB

    • MD5

      ea4183dbea4936349ba8ec4f47f1ec4a

    • SHA1

      fc8c32c079d4ef6c5741df069064ec4a7cb9b8c6

    • SHA256

      6b258769e63099305c2b162cbba7a1de999c19739276cb6d1872b97db5781d4c

    • SHA512

      d6bec461a76892c767789a05cad6b27d987297aadb7274f0125d2df6bb0f5eb5dca79a299b944b900f3155d34d4122ba87ca0b9d9ab32843ec3041b476fa9ca0

    • SSDEEP

      24576:/tb20pkaCqT5TBWgNQ7aE0kDPy53ndFTU6A:8Vg5tQ7aE0kq3o5

    Score
    6/10
    • Accesses Microsoft Outlook profiles

      Reads stored Outlook profile data (typically the per-user Outlook profile registry keys). This is a common step in credential and mail-account harvesting by stealers, not normal behaviour for an invoice-style executable.

    • Looks up external IP address via web service

      Queries a legitimate public IP-lookup web service to learn the infected system's external IP address. The service itself is benign; the indicator is this process making the request, usually to tag the victim in the attacker's panel.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of another thread and is the usual way to redirect execution in a suspended process (process hollowing, thread hijacking). On its own this is a heuristic, not proof of injection; correlate it with a child process created suspended or with memory written into another process.
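A practitioner handling this report usually has a file in hand and wants to know whether it is the sample described here. The script below is an added example, not part of the sandbox report: it computes MD5, SHA-1, SHA-256 and SHA-512 for a file or byte string and compares them against the hash table transcribed from the report above (the parent submission and the extracted PO24254065.exe). The entry labels, the file path handling and the constructed test bytes are assumptions; the digest values are the page's. It also rejects malformed digests before matching and flags a partial match (one algorithm agrees, another does not), which points at a transcription error or a collision rather than a confirmed hit.

```python
"""Check a file against the hashes listed in this sandbox report.

Added example, not code from the report or its sandbox. Digest values below
are transcribed from the report; labels, paths and test bytes are assumed.
"""
import hashlib
import sys

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}

# IOCs from the report: the submitted parent sample and the extracted
# PO24254065.exe. Labels are ours; digests are the page's.
REPORTED_HASHES = {
    "parent sample": {
        "md5": "ad70acd3e0c73ddd546013e65aa2cffd",
        "sha1": "5408ae27e6fbe2f3b15c7ed86e11742fe60c8761",
        "sha256": "e0672dfe3d6f0282ed4f3431725557910ed85929d5ce953780a4d0cabf015c9f",
        "sha512": "0d463d7da5aa16ded3f3beb7520c4ebafb268881d77eb66719663675608f3912"
                  "0ea0d976bf6c66f2ef78bf869902fea33fbae54224ee9b5955e8707b56de4c2a",
    },
    "PO24254065.exe": {
        "md5": "ea4183dbea4936349ba8ec4f47f1ec4a",
        "sha1": "fc8c32c079d4ef6c5741df069064ec4a7cb9b8c6",
        "sha256": "6b258769e63099305c2b162cbba7a1de999c19739276cb6d1872b97db5781d4c",
        "sha512": "d6bec461a76892c767789a05cad6b27d987297aadb7274f0125d2df6bb0f5eb5"
                  "dca79a299b944b900f3155d34d4122ba87ca0b9d9ab32843ec3041b476fa9ca0",
    },
}


def validate_ioc_table(iocs):
    """Fail loudly on a mistyped digest instead of silently never matching."""
    for label, digests in iocs.items():
        for alg, digest in digests.items():
            if alg not in DIGEST_HEX_LEN:
                raise ValueError(f"{label}: unknown algorithm {alg!r}")
            d = digest.lower()
            if len(d) != DIGEST_HEX_LEN[alg] or any(c not in "0123456789abcdef" for c in d):
                raise ValueError(f"{label}: malformed {alg} digest {digest!r}")
    return True


def compute_hashes(data):
    """All four digests of an in-memory byte string."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path, chunk_size=1 << 20):
    """Same digests for a file on disk, streamed so large samples fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_iocs(observed, iocs=REPORTED_HASHES):
    """Return, per IOC entry that agrees on at least one algorithm, which
    algorithms matched and which did not. A partial match is not a hit: if
    MD5 agrees but SHA-256 does not, either the table is wrong or you are
    looking at a collision, and a human needs to check.
    """
    results = {}
    for label, expected in iocs.items():
        matched = [alg for alg in expected if observed.get(alg) == expected[alg].lower()]
        if matched:
            mismatched = [alg for alg in expected if alg not in matched]
            results[label] = {
                "matched": matched,
                "mismatched": mismatched,
                "conclusive": not mismatched,
            }
    return results


def check_bytes(data, iocs=REPORTED_HASHES):
    """Validate the table, hash the bytes, and report matches."""
    validate_ioc_table(iocs)
    return match_iocs(compute_hashes(data), iocs)


if __name__ == "__main__":
    validate_ioc_table(REPORTED_HASHES)
    for path in sys.argv[1:]:
        hits = match_iocs(hash_file(path))
        if not hits:
            print(f"{path}: no match against reported hashes")
        for label, info in hits.items():
            status = "MATCH" if info["conclusive"] else "PARTIAL (check table)"
            print(f"{path}: {status} for {label}: matched={info['matched']} mismatched={info['mismatched']}")
```

Run it as `python check_hashes.py suspicious.exe` against a file you have quarantined. Matching on all four digests is deliberate: an MD5 or SHA-1 agreement alone is weak evidence, and a partial match across algorithms is reported as a problem to investigate rather than as a detection. SSDEEP from the report is not compared here because fuzzy matching needs a separate library and a different decision rule.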

MITRE ATT&CK Enterprise v15
