e87738f9a7d9d4e7307a721df07da9ac53d927dc6921d585d6b46cca130ddd83 | Triage

Sharing

General

Target

e87738f9a7d9d4e7307a721df07da9ac53d927dc6921d585d6b46cca130ddd83
Size

89KB
Sample

241121-mt1mss1brg
MD5

8e1bb08da1f9c8ad8cabf3b9380d8f3a
SHA1

5bc3f92b76c9745308232c2fea22de826a087c8f
SHA256

e87738f9a7d9d4e7307a721df07da9ac53d927dc6921d585d6b46cca130ddd83
SHA512

ec212c24bf5a3a852ee31f2b6a014835133b465641519ca7d45bd24799516faa844274f3a06911a642c2da5f3219eb3d2f3633c26ade6d47adb80ec66049d846
SSDEEP

1536:GdWvtNFN+F+EchVsM/Vycyq1h6MtVYTjipvF2wI/KR11JdNqNY4X9/a:IW1NWcyq1hnbYvQd26xU/i

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e87738f9a7d9d4e7307a721df07da9ac53d927dc6921d585d6b46cca130ddd83
- Size
  
  89KB
- MD5
  
  8e1bb08da1f9c8ad8cabf3b9380d8f3a
- SHA1
  
  5bc3f92b76c9745308232c2fea22de826a087c8f
- SHA256
  
  e87738f9a7d9d4e7307a721df07da9ac53d927dc6921d585d6b46cca130ddd83
- SHA512
  
  ec212c24bf5a3a852ee31f2b6a014835133b465641519ca7d45bd24799516faa844274f3a06911a642c2da5f3219eb3d2f3633c26ade6d47adb80ec66049d846
- SSDEEP
  
  1536:GdWvtNFN+F+EchVsM/Vycyq1h6MtVYTjipvF2wI/KR11JdNqNY4X9/a:IW1NWcyq1hnbYvQd26xU/i
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2