General
-
Target
BlazeX_By.exe
-
Size
7.7MB
-
Sample
241130-jnt2aasrej
-
MD5
d70c789ed16b7b55ea10ccee2e37387c
-
SHA1
b8e5daaa02437fb9af04e702440f108c6388911d
-
SHA256
ef0888925096274d03a0189b7cc19c54226c6d2a1215714dd28f86b4c5b8f700
-
SHA512
0e0f795f2f3b41579701899737b8b28d02824f35ead9ae58704d5886b496521f741fe4781a0723f702330095bb14028094a2995c1c8e045832893866be0d6b0a
-
SSDEEP
196608:de0dXeNTfm/pf+xk4dNSESRpmrbW3jmrA:oy/pWu4m5RpmrbmyrA
Malware Config
Targets
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-