General
Target: mer.exe
Size: 7.6MB
Sample: 241212-wef5aatnfp
MD5: 11d404d0d88ee6f183024574f3bc8818
SHA1: 78f6d24c4868e4d02c3f5cd684df75fabb23b7ee
SHA256: d1c215225e99efdb97cce8c37f3d48eaec05dadd3e45ef7d7d9ac68ebd4ed5d5
SHA512: 83dc4abd4b14809fb628df5f0b2a7f6a9fa40eaf6e3e3b5aaf362021824085533903efc509c641c711fd96265011fe3f297aa7126d0c01172d238e0c942ce4e1
SSDEEP: 196608:BiHYTCwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jn:zBIHziK1piXLGVE4Ue0VJj
Behavioral task: behavioral1
Sample: mer.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: mer.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: mer.exe
- Clipboard Data: Adversaries may collect data stored in the clipboard from users copying information within or between applications.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Obfuscated Files or Information: Command Obfuscation: Adversaries may obfuscate content during command execution to impede detection.
- Enumerates processes with tasklist