General

  • Target

    02edb924b6c87e4db1df6ac92cfa27af4016d95449da50d97481ecf9e6b05f31.r01

  • Size

    493KB

  • Sample

    241115-cfqwbswhqj

  • MD5

    71696d907ed30cdc986672368882b9b1

  • SHA1

    206f65d28ce5c9a0846108572402ce4584eb43d7

  • SHA256

    02edb924b6c87e4db1df6ac92cfa27af4016d95449da50d97481ecf9e6b05f31

  • SHA512

    db0691f626e8b66d635a34d3949f1a62b22c210ea528f53e5c7fc30e33a07a386bb5a63d516304764cab6c586b5ac03ca78152c75389b94ce85d91a1c9243758

  • SSDEEP

    12288:wjhfPO+SyPbxS7TxCYi3JJLwp4kDOljjLDbYk2twxe:AjPNiTxCYaJJc4kDOlsk2twI

Score
6/10

Malware Config

Targets

    • Target

      PO NO17030099.exe

    • Size

      1.1MB

    • MD5

      007e2dc1e8e9471f6191e1a14a6a1d5a

    • SHA1

      8050ae700b07352d86b4f8f2652fe9a2e6fce40b

    • SHA256

      2a47814324ff25a37d975085cf9d1a0efd993b51179d2d7cae9bdd31d48b7e5a

    • SHA512

      a8085c9d6b1d71f9ee07c39caeee8131ecd857c110aae07821e50ba30601892209846092bccd1910d8beb79f30f2110490c0f56c097cee69d1de88dfcab7e71c

    • SSDEEP

      24576:Qtb20pkaCqT5TBWgNQ7aHm1Qr7RDcz9076A:ZVg5tQ7aH5xcE5

    Score
    6/10
    • Accesses Microsoft Outlook profiles

      Outlook profile data (kept in the user's registry hive) commonly holds saved mail-account settings and credentials, so reading it is a typical credential-harvesting step rather than something a purchase-order document would need.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP. The service itself is benign; the signal is an unexpected executable making that request shortly after launch, which is why the signature is scored as suspicious rather than malicious on its own.

    • Suspicious use of SetThreadContext

      SetThreadContext is a legitimate debugging API, but writing a new context into the primary thread of a process that was created suspended is the classic process-hollowing step: the thread's entry point is redirected to injected code before the process is resumed.
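Before detonating or sharing a sample like this, a practitioner wants to confirm that the file on disk is really the one the report describes. The script below is an added example (not part of the report or of the sandbox's own tooling): it streams a file through MD5, SHA-1, SHA-256 and SHA-512, compares the digests against the values listed above for the outer .r01 volume, and checks the file actually starts with a RAR volume signature as its extension claims. The `Rar!\x1a\x07` prefix is the common start of the RAR 4.x and RAR 5 signatures; the SSDEEP value is not checked because the standard library has no fuzzy-hash implementation. The file path passed on the command line is the only input the caller supplies.

```python
"""Verify a downloaded sample against the hashes published in a sandbox report."""
import hashlib
import sys
from typing import Dict, List

# Digests exactly as listed in the report for the outer RAR volume (.r01).
REPORT_R01 = {
    "md5": "71696d907ed30cdc986672368882b9b1",
    "sha1": "206f65d28ce5c9a0846108572402ce4584eb43d7",
    "sha256": "02edb924b6c87e4db1df6ac92cfa27af4016d95449da50d97481ecf9e6b05f31",
    "sha512": (
        "db0691f626e8b66d635a34d3949f1a62b22c210ea528f53e5c7fc30e33a07a38"
        "6bb5a63d516304764cab6c586b5ac03ca78152c75389b94ce85d91a1c9243758"
    ),
}

# Digests listed for the dropped inner payload (PO NO17030099.exe).
REPORT_INNER_EXE = {
    "md5": "007e2dc1e8e9471f6191e1a14a6a1d5a",
    "sha1": "8050ae700b07352d86b4f8f2652fe9a2e6fce40b",
    "sha256": "2a47814324ff25a37d975085cf9d1a0efd993b51179d2d7cae9bdd31d48b7e5a",
    "sha512": (
        "a8085c9d6b1d71f9ee07c39caeee8131ecd857c110aae07821e50ba30601892"
        "209846092bccd1910d8beb79f30f2110490c0f56c097cee69d1de88dfcab7e71c"
    ),
}

ALGOS = ("md5", "sha1", "sha256", "sha512")
RAR_MAGIC = b"Rar!\x1a\x07"  # shared prefix of the RAR 4.x and RAR 5 signatures


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Return lowercase hex digests of an in-memory buffer for every algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through all four hashers so large samples are not read into RAM."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> List[str]:
    """Names of algorithms whose digest differs from the report (empty list = match)."""
    return sorted(name for name in expected if actual.get(name) != expected[name].lower())


def is_rar_volume(data: bytes) -> bool:
    """True when the buffer begins with the RAR volume signature."""
    return data[: len(RAR_MAGIC)] == RAR_MAGIC


def verify_bytes(data: bytes, expected: Dict[str, str]) -> Dict[str, object]:
    """Hash an in-memory sample and report both the signature check and any mismatches."""
    digests = hash_bytes(data)
    return {"rar": is_rar_volume(data), "mismatches": compare(digests, expected), "hashes": digests}


def verify_file(path: str, expected: Dict[str, str]) -> Dict[str, object]:
    """Same as verify_bytes but streamed from disk; only the first bytes are read for the magic."""
    with open(path, "rb") as fh:
        head = fh.read(len(RAR_MAGIC))
    digests = hash_file(path)
    return {"rar": is_rar_volume(head), "mismatches": compare(digests, expected), "hashes": digests}


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: verify_sample.py <path-to-sample.r01>")
    result = verify_file(sys.argv[1], REPORT_R01)
    for name, value in result["hashes"].items():
        print(f"{name:7s} {value}")
    print("RAR signature:", "present" if result["rar"] else "MISSING")
    print("report match :", "yes" if not result["mismatches"] else f"no ({', '.join(result['mismatches'])})")
    sys.exit(0 if result["rar"] and not result["mismatches"] else 1)
```

A non-zero exit means either the bytes do not match the report (wrong download, truncated transfer, or a re-packed variant) or the file is not a RAR volume despite its extension; in both cases the report's behavioural findings should not be assumed to apply to the file in hand. The same `verify_file` call with `REPORT_INNER_EXE` checks the extracted payload once the archive has been unpacked in an isolated environment.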

MITRE ATT&CK Enterprise v15

Tasks