General

  • Target

    Built.exe

  • Size

    7.3MB

  • Sample

    231105-kzss2afd94

  • MD5

    b72d02e1719f97f0d4f706cdf57fe9b9

  • SHA1

    7307d333831611ad422f7d3c9e7c646e6d31217b

  • SHA256

    680a9d783824d57601cdbf1b5443e778228a7b24ff01423a759516492621f291

  • SHA512

    87a9860af7853332720b5bd6559589bdb47082a5c3cc58f2853015845cf0ce2fbaffe288272dd10ca3e5befc22552beb5ad0d57038412c45e51ca768dccae4d9

  • SSDEEP

    196608:ImYS6KOshoKMuIkhVastRL5Di3ue1D730Z:HYSrOshouIkPftRL54fREZ

Score
10/10

Malware Config

Targets

    • Target

      Built.exe

    • Size

      7.3MB

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
