General

  • Target

    acc22c4ef54a9ce00e6a7be0016a0522bbe3ad8719ec1b5362f0a8b3124df312

  • Size

    676KB

  • Sample

    241118-hyz5ls1fna

  • MD5

    6db0e0efee103128e3c24b90fdf457c2

  • SHA1

    b5757767d503faaceb2abe0d764301e5fe13cced

  • SHA256

    acc22c4ef54a9ce00e6a7be0016a0522bbe3ad8719ec1b5362f0a8b3124df312

  • SHA512

    88dc630d142ac2d17427a1cfbade3c20b9ffaf6a91424214f832d5909220787853af090c1bb7da8446252eef4ddaa93cae4830a291fce0a9209146704a1e4c64

  • SSDEEP

    12288:5uBs5rkUPrDbFIlpScqx+at2p3woj8Bor0n2coMjvMZqoa4rRoj+wbX20cF2KbMB:5uBiYUPnbGFfj8BK0sMjUZqoaMuXbvca

Score
6/10

Targets

    • Target

      New Order Data sheet Page.exe

    • Size

      1.1MB

    • MD5

      47ee0bd61761d9430374149d29276602

    • SHA1

      08f9bd85abee4f197ca34f50852c72df045e02c9

    • SHA256

      da8ceb574f5be88505d4be66d55e9cd6a9fab4bee5d8ea00f7a9f6b2026ca1ed

    • SHA512

      ae577bc2c0eaa79650fdb4846e13d4f3fed96517ec3e4b295db5a62199428f28fce8e7294abea09339c8bc693f55c6c38607d67205fbd619a241402e2f285b1d

    • SSDEEP

      24576:Etb20pkaCqT5TBWgNQ7aW8JqogSufpvcFB1SdD+6A:tVg5tQ7aWaq0FXSd65

    Score
    6/10
    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
