General
-
Target
download
-
Size
6KB
-
Sample
250702-x5d82sgj9v
-
MD5
3b33c11edb81868b3f3b44e3d35259ba
-
SHA1
10dffa35af24d670b92b695cb355e15d2be4ee44
-
SHA256
daf1c377fbc266ceb3cbf45620cbdcad927cac57189b0926d35e7a3d10ad47e4
-
SHA512
015544cc0ef9f29351fb654707dd2d1c673c72a87acc1ffa2648286195d2fd7406324be8427bd9cc81deb526a9f2988334307f26151b143cee66f544766378f0
-
SSDEEP
192:PN2VBWg6t8Ni0zxQSh0DBVky+YIki+yYew:Aqg6t8tzxhMkbYKeew
Static task
static1
Behavioral task
behavioral1
Sample
download.html
Resource
win10v2004-20250619-en
Malware Config
Targets
-
-
Target
download
-
Score
7/10
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-