General

  • Target

    6d64a1cb22abb7d40d92d8a01604b0d9f2747471373c2d4253473dbc4390d81c

  • Size

    542KB

  • Sample

    241119-sczbasslcj

  • MD5

    3ca790dc9d2b777dab7dfb22edaa3bc0

  • SHA1

    393ee6e12a202f85e86660eed26ffb59708c741a

  • SHA256

    6d64a1cb22abb7d40d92d8a01604b0d9f2747471373c2d4253473dbc4390d81c

  • SHA512

    d4786a080e7b851314c3103203595497a7eecae2813741c8ccfa3d63e65cc85c261d45de7369197955273ec8202005b33063dddb81d65b168130ed70c585da6d

  • SSDEEP

    12288:+XMeDcH//sOV8jX46ioLIIVloeasgBvoKB3eN:+XMe6sOV8zLIrzBAOeN

Score
6/10

Targets

    • Target

      Company catalog profile.exe

    • Size

      971KB

    • MD5

      50cf775aefc70bc2ae30b6886ab7ebc5

    • SHA1

      2553288bb0c43d21065703faa2bcd99c6936f979

    • SHA256

      790cc919cb938497ada201bc1bb0164880bb62adcfbcb70b5317830fc17c3979

    • SHA512

      9cc652ede63e45653c9ae9c3b9015b9fd816cd7e5db81269aa0b17e6f8bdf1614898f803cdabc4b9727c515906edf6dec6be5ca2d5bda2212bd5c36e726a2331

    • SSDEEP

      12288:Dtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaKTcoKBBz46A:Dtb20pkaCqT5TBWgNQ7aaHOz46A

    Score
    6/10
    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
