General
-
Target
jbweblocal.exe
-
Size
5.9MB
-
Sample
240522-knnd6shg64
-
MD5
6e219935d76d91a3f24a0972be49b8b1
-
SHA1
c86d31bfa11e0cebaa5ac989ed155be26df19ebd
-
SHA256
4f1abe960db5808e10b1f16d6ed63567fd80b785e1d3a471b86d04b99da741f6
-
SHA512
901a2b96f1ab6ecf9f30b80031ddc152ff9271b1820f4166f4528f9eb628fb3f6cd4f557de6eb28b906269d37ba65f4af555be723191906960f20480d6207a1c
-
SSDEEP
98304:Z4IBLEpzoLLJ3TbwaVvrZE0I8UI8F/Vtt1mIi3pRN8D8cXuz+W1Tb6eL5hx6uWYw:Z46LE9onJ5hrZE+e9tGPqKyGTblKuWYw
Behavioral task
behavioral1
Sample
jbweblocal.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
jbweblocal.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
jbweblocal.exe
Resource
win11-20240508-en
Malware Config
Targets
-
-
Target
jbweblocal.exe
-
Size
5.9MB
-
MD5
6e219935d76d91a3f24a0972be49b8b1
-
SHA1
c86d31bfa11e0cebaa5ac989ed155be26df19ebd
-
SHA256
4f1abe960db5808e10b1f16d6ed63567fd80b785e1d3a471b86d04b99da741f6
-
SHA512
901a2b96f1ab6ecf9f30b80031ddc152ff9271b1820f4166f4528f9eb628fb3f6cd4f557de6eb28b906269d37ba65f4af555be723191906960f20480d6207a1c
-
SSDEEP
98304:Z4IBLEpzoLLJ3TbwaVvrZE0I8UI8F/Vtt1mIi3pRN8D8cXuz+W1Tb6eL5hx6uWYw:Z46LE9onJ5hrZE+e9tGPqKyGTblKuWYw
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-