Resubmissions

18-11-2024 23:11

241118-26b8assmcq 8

18-11-2024 22:54

241118-2vt9qsxame 8

General

  • Target

    oztye8a3t88nb35f.exe

  • Size

    10.1MB

  • Sample

    241118-26b8assmcq

  • MD5

    7d1755e8e41a6c2f08d2faeffdf9dad1

  • SHA1

    c04d89f1054f2ee34b548126a5add4eee4751ae4

  • SHA256

    44cf4321c138c4cacecc95deba735f508c96049e7f0e8f0538684dc4f0c1e9a5

  • SHA512

    b099238838b0d8b258529126b3c279ac735feff778d52c3117eb3cd587267a145a09bc1317fb412b2c810ea8b2232a8218fe459e33ac99f9b48decfdc62e4816

  • SSDEEP

    196608:PE1LTxbO313norADHLHhHiVulZ/KHNV4G:PyxbOFC8b/KtV4

Targets

    • Target

      oztye8a3t88nb35f.exe

    • Creates new service(s)

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
