General
Target: unnamed 1_1.0.1.0.vir
Size: 688KB
Sample: 200719-8e9ywjxzl2
MD5: 01b86c6bdbe6272b7d12b677d6aadbb5
SHA1: 23ac6317ee5aba4b9274316aa90bc869127ab30b
SHA256: eee761a6932c45c52e7ca0a901eee84191846058ddfb1973ea850400640808f6
SHA512: 2dd48f3d0217a58a26f470cdb2d713350823b3a5ec633bb27617dad9cbe04a3bc472213a43615f12e6b879e32a02213e924bbfb4ff6f455a544d789746eac4c4
Static task: static1
Behavioral task: behavioral1
Sample: unnamed 1_1.0.1.0.vir.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: unnamed 1_1.0.1.0.vir.exe
Resource: win10
Malware Config
Targets
Score: 8/10
Blacklisted process makes network request
Deletes itself
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.