General

  • Target

    39783e1d7bb81622b6951ca0019fb51d97ff7f00c12b435de55a82bea6e595a2

  • Size

    929KB

  • Sample

    241116-rd4rqs1rbm

  • MD5

    48cce7febbf2e3f34b2251f6bd7a4a76

  • SHA1

    351b09d7205f6d234776ea9a7b7c585c48383b2a

  • SHA256

    39783e1d7bb81622b6951ca0019fb51d97ff7f00c12b435de55a82bea6e595a2

  • SHA512

    12d5362bc73f5e448309311425a96f92d5f9c0b03ec17703507f6c8322dc49a4e487b10b6c52e7a26e8edc89a3dc2cd08a5a8c279bd5451af7dff3ea0d2c5e58

  • SSDEEP

    12288:ptb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaM7xcRNToQJ/T6A:ptb20pkaCqT5TBWgNQ7aUxKxoQlT6A

Score
6/10

Targets

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
