General

  • Target

    5fcc54f24bc9d816124647969960d8fc77864f2f664b4fd57340eaceb962ac27N.exe

  • Size

    711KB

  • Sample

    241217-gj8yjaslhy

  • MD5

    cb9be790acd6cb3c57049783556374d0

  • SHA1

    907a2ccb34a68cdfcc42ad6a23857c221eb799ed

  • SHA256

    5fcc54f24bc9d816124647969960d8fc77864f2f664b4fd57340eaceb962ac27

  • SHA512

    4b0df2648c570f8203dc3ba37a8fae72c814501df8727191858f88073cf5246d2f66969956c2c35a049341b2852650e073bef5c81df1b2ad3fe35595cc6e7019

  • SSDEEP

    12288:YmWhND9yJz+b1FcMLmp2ATTSsdsmWhND9yJz+b1FcMLmp2ATTSsdS:YmUNJyJqb1FcMap2ATT5qmUNJyJqb1FB

Malware Config

Extracted

Family

simda

Attributes
  • dga



MITRE ATT&CK Enterprise v15

Tasks
