Overview

overview

6

Static

static

5

Payment_tr...on.exe

windows7-x64

6

Payment_tr...on.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c93595e0873e7d9d9c497d9e7d98157b60c120762bc51ea7a01f5a1521e3fcea.7z

  • Size

    466KB

  • Sample

    241120-dxw94svjhm

  • MD5

    1405ebf48b348cb70f28805e00060494

  • SHA1

    3a52ed280b055ab49635825c632e04d317c3894d

  • SHA256

    c93595e0873e7d9d9c497d9e7d98157b60c120762bc51ea7a01f5a1521e3fcea

  • SHA512

    4c8a3db256c861a86602bb80058bf6ba6011efa5b2c35fbe7437b98d474ca63dd68103b660a7c35fd2c0d35e1e310bae44674274a4d23f8215ea67dcacd4de3c

  • SSDEEP

    12288:rDQGCNbrjIhMZ3GwDvLUR7kUfgCKY2vlnKwl:wLnBYwg7oCKznK6

Score
6/10
collectiondiscovery

Malware Config

Targets

    • Target

      Payment_transaction.exe

    • Size

      1.1MB

    • MD5

      75280d770b20a21d964ac26c0dbf047c

    • SHA1

      2f10f24322422d5cd2f38b0e680192a732d7455d

    • SHA256

      2382002f38b7558edbfaaa25ab025c7e6985829b544440011e438c7bcd17033f

    • SHA512

      f6171dd807d5410b95a36b959b4b4438d2cba244874053a8a6e0eb5787d08c988b647d79b5497cb494cdaaf80af687aa5b411ba67df7ded3a4079aac8a62dcf2

    • SSDEEP

      24576:Etb20pkaCqT5TBWgNQ7ah2LIcvBnKSd6A:tVg5tQ7ahncJnJ5

    Score
    6/10
    collectiondiscovery

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks