General

  • Target

    Client-built.exe

  • Size

    70.7MB

  • Sample

    231014-wgpt7sbh54

  • MD5

    074c03c4679dcfbc715d96cb0433800b

  • SHA1

    baafaed04049e31929463001a33fa026fd1fa274

  • SHA256

    676f9ccc5d0a81225d1de93948f06b670fbc98a955e70adb38a310f2e0d479a6

  • SHA512

    5476865c846e7f643c5117d3379d79d11ec7a818baf3cbd512b6707a8a5d8c317b8d7e7d1e246260473a85e102c6160bd4b68d9215534ce8b1fca09b4507372c

  • SSDEEP

    1572864:SJjoPLtyq3zKCamxTztdQa7nD0CTaEPDfJmzfT2eqxWAKdB6loS:SJwMqkmZ5djDcEPDozfT2l9CYlB

Score
7/10

Targets

    • Target

      Client-built.exe

    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
