General

  • Target

    614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991

  • Size

    1.0MB

  • Sample

    241117-nas92ssreq

  • MD5

    0c8331bea6b002a9ad465fce44ceeb1e

  • SHA1

    78ac4cc95bce2e8e9de69d6faaef6758838d944d

  • SHA256

    614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991

  • SHA512

    cd8aa3db2e6f38905fdd78be9554ac1cbaa25878bf8b4c7b6f9f4dbbcb768b218ca60d8f3d69df9c176932552dab5f50c63583c077501766610d4d5195593d5a

  • SSDEEP

    24576:ptb20pkaCqT5TBWgNQ7ah/CROKwuw8bZJvD6A:6Vg5tQ7ah/CUVqFF5

Score
6/10

Targets

    • Target

      614a101bdc8e6bba615a65adbbaab1ae584c1087c6cab7c6bf0d74bf21b57991

    Score
    6/10
    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
