General
-
Target
uifgrgygfbvhfilyvbfuzsr.exe
-
Size
134.8MB
-
Sample
240511-bx1lesgd28
-
MD5
af8b0b1f7fbb86641bd5a65c22dd970b
-
SHA1
f9f0a38e35547fe1fe8650cbbb56e4a189773b31
-
SHA256
8fdc2b6aed81853502ff8535f010ec1c1f9ab6f86ac222574afb97a184ddf045
-
SHA512
f6c5e489cf105ef2b4a9e5e3aa6ff34b66afec2046fc7d3e50c7f271a711becf333b2ed4a7594f2fb1c3679d717be55e1c36b032faf8265929ccff5931d677c7
-
SSDEEP
3145728:6egYRPSC++6y94FOXsoYPmKqFOAXv4uKkIa0duI2IukFp5v2k/2w:dxaC4y94FUsommKUtvPrt0duI2IukFXj
Behavioral task
behavioral1
Sample
uifgrgygfbvhfilyvbfuzsr.exe
Resource
win10-20240404-en
Malware Config
Targets
-
-
Score 8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-