Resubmissions

22/11/2023, 02:48

231122-dalj4ahg65 8

21/11/2023, 22:51

231121-2s5yfshg61 8

General

  • Target

    build.exe

  • Size

    209KB

  • Sample

    231122-dalj4ahg65

  • MD5

    aa90f740f20462601a90fafdf37a4b82

  • SHA1

    a023179e41c2d6d0d809b5bf37bb84e0d5f40d1d

  • SHA256

    3d6f60107b831b2c10f7788c2c47f9ca6c3804b42f83e77c6e5e9993b7392378

  • SHA512

    c9dd8ea396aa2386eee6024dc0d5fcf0bb5083613aa171935369771177131e59f9206b8eb5174f29f432048120118f59749ce80ee65ba9cb8bfddb53f8389b3c

  • SSDEEP

    3072:tDO17emGta474RR+LJu0QFwyJXI6eWNrGIXm5Vs2aCNGBQZXXv/xs:oemqa47wRwJutFty6nrGGAN9N5R

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
