General

Target: Buildbox_2.3.3-1986.exe
Size: 73.1MB
Sample: 240608-clhf5sfe5s
MD5: 9b2ecb1f95301a8e76ffbaed050fff82
SHA1: 67dc37f65486db3c590531b0641e8dd903d24d5d
SHA256: 7652dd1511c8d8e8a00f90ce3cb576ed948c1e198ccb9b84a6a40e5cc951d5a0
SHA512: dc58176acbab4a6ede103bffbdcb76813b9cd426758a6ba0b329fa4dfb4012354025a5d28f942138a6c1de5f378f08c405d67ab8995245ce47f92c04f8b47b33
SSDEEP: 1572864:5lEPKDpk+3Pxd32li14xgms5bSdZXpW9QUqAPOy+xYyaFJGWI:5jpr3PxdmliqxQ5uJW9QUqjxY5FJ5I
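Before acting on this report, confirm that the file you hold is the same sample. The following is an added example (my code, not part of the report or of the sandbox that produced it): it validates the report's digest strings, hashes a file in chunks (the real sample is 73.1MB, so it is not read into memory at once) and lists which algorithms disagree. The sample itself is not included here, so the demonstration hashes a small constructed byte string; SSDEEP is omitted because it needs a third-party binding rather than the standard library.

```python
"""Verify a local file against the MD5/SHA1/SHA256/SHA512 values in this report.

Added example, not part of the original report. REPORT_HASHES are copied
from the report; the stand-in bytes at the bottom are constructed.
"""
import hashlib
from pathlib import Path

# Digests exactly as listed in the report for Buildbox_2.3.3-1986.exe.
REPORT_HASHES = {
    "md5": "9b2ecb1f95301a8e76ffbaed050fff82",
    "sha1": "67dc37f65486db3c590531b0641e8dd903d24d5d",
    "sha256": "7652dd1511c8d8e8a00f90ce3cb576ed948c1e198ccb9b84a6a40e5cc951d5a0",
    "sha512": "dc58176acbab4a6ede103bffbdcb76813b9cd426758a6ba0b329fa4dfb4012354025a5d28f942138a6c1de5f378f08c405d67ab8995245ce47f92c04f8b47b33",
}

# Expected hex-digest lengths; a truncated or non-hex value copied from a
# report or IOC feed is rejected up front instead of surfacing as a mismatch.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_report_hashes(expected):
    """Return the names of digests whose hex string is malformed or unknown."""
    bad = []
    for algo, hexval in expected.items():
        expected_len = HEX_LENGTHS.get(algo)
        if expected_len is None or len(hexval) != expected_len:
            bad.append(algo)
            continue
        try:
            bytes.fromhex(hexval)
        except ValueError:
            bad.append(algo)
    return bad


def compute_hashes(source, chunk_size=1 << 20):
    """Hash a bytes object or a file path, feeding all four hashers per chunk."""
    hashers = {algo: hashlib.new(algo) for algo in REPORT_HASHES}
    if isinstance(source, (bytes, bytearray)):
        for h in hashers.values():
            h.update(source)
    else:
        with Path(source).open("rb") as f:
            for chunk in iter(lambda: f.read(chunk_size), b""):
                for h in hashers.values():
                    h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def check_hashes(computed, expected):
    """Return the algorithms whose computed digest differs from the report (case-insensitive)."""
    return [algo for algo, hexval in expected.items()
            if computed.get(algo, "").lower() != hexval.lower()]


if __name__ == "__main__":
    # Constructed stand-in for the sample; replace with the real file path.
    stand_in = b"MZ" + b"\x00" * 62 + b"not the real Buildbox installer"
    assert validate_report_hashes(REPORT_HASHES) == []
    print("mismatched digests:", check_hashes(compute_hashes(stand_in), REPORT_HASHES))
```

A partial match (say MD5 agrees but SHA256 does not) points at a copy error in the report or in your notes rather than at a different file, which is why the function returns the per-algorithm list instead of a single boolean.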
Static task: static1
Malware Config: none listed

Targets
Target: Buildbox_2.3.3-1986.exe (73.1MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General above)
Signatures

- Downloads MZ/PE file
- Drops file in Drivers directory
- Possible privilege escalation attempt
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.

These are generic behavioural signatures, not a verdict: downloading and dropping PE files, executing a dropped EXE, loading dropped DLLs, changing file permissions and reading Uninstall keys are also what a legitimate installer does. Treat each one as a pointer to the process, file and network events worth reviewing in the sandbox's event log rather than as proof of malicious intent.
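The two described signatures (enumeration of installed software via the Uninstall key, and an external IP lookup through a public web service) are easy to re-derive from raw sandbox events. The following is an added example, my own code rather than the sandbox's detection logic: it runs both checks over a handful of constructed process events. The event line format, the set of IP-lookup hosts, the threshold of three distinct Uninstall subkeys and every process name, PID and registry subkey in the sample data are assumptions made for illustration; none of it is taken from this sample's actual behaviour.

```python
"""Re-derive two of the report's signatures from constructed sandbox events.

Added example, not the sandbox's own detector. Event format, host list,
threshold and all sample events are assumptions for illustration.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed: the registry locations a software-enumeration routine walks.
# Only a path that names a subkey under Uninstall counts; opening the
# parent key alone is not evidence of enumeration.
UNINSTALL_KEY_RE = re.compile(
    r"^HK(?:LM|CU)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)",
    re.IGNORECASE,
)

# Assumed: public "what is my IP" services; the report does not name the one used.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "icanhazip.com", "ifconfig.me",
    "ip-api.com", "checkip.amazonaws.com", "api.myip.com",
}

# An installer reading its own Uninstall entry is normal; reading several
# distinct entries is enumeration. Threshold is an assumption.
ENUM_THRESHOLD = 3

# Constructed events in the form pid|image|operation|target (not real data).
SAMPLE_EVENTS = r"""
4120|sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
4120|sample.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}
4120|sample.exe|RegQueryValue|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}\DisplayName
4120|sample.exe|RegOpenKey|HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Example App B
4120|sample.exe|RegOpenKey|HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Example App C
4120|sample.exe|DnsQuery|api.ipify.org
4120|sample.exe|HttpRequest|http://api.ipify.org/?format=text
5008|setup_helper.exe|RegOpenKey|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Example App A
5008|setup_helper.exe|DnsQuery|download.example.com
"""


def parse_event(line):
    """Parse 'pid|image|op|target'; return None for blank or malformed lines."""
    parts = line.strip().split("|", 3)
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    pid, image, op, target = parts
    return {"pid": int(pid), "image": image, "op": op, "target": target}


def triage(lines):
    """Return {pid: {"image": ..., "signatures": {...}}} for processes that trip a check."""
    subkeys, hosts, images = defaultdict(set), defaultdict(set), {}
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue
        images[ev["pid"]] = ev["image"]
        if ev["op"] in ("RegOpenKey", "RegQueryValue"):
            m = UNINSTALL_KEY_RE.match(ev["target"])
            if m:
                subkeys[ev["pid"]].add(m.group(1).lower())
        elif ev["op"] == "DnsQuery":
            hosts[ev["pid"]].add(ev["target"].lower())
        elif ev["op"] == "HttpRequest":
            host = urlsplit(ev["target"]).hostname  # already lower-cased
            if host:
                hosts[ev["pid"]].add(host)

    findings = {}
    for pid, image in images.items():
        sigs = {}
        if len(subkeys[pid]) >= ENUM_THRESHOLD:
            sigs["checks_installed_software"] = sorted(subkeys[pid])
        hit = sorted(hosts[pid] & IP_LOOKUP_HOSTS)
        if hit:
            sigs["looks_up_external_ip"] = hit
        if sigs:
            findings[pid] = {"image": image, "signatures": sigs}
    return findings


if __name__ == "__main__":
    for pid, info in triage(SAMPLE_EVENTS.splitlines()).items():
        print(pid, info["image"], info["signatures"])
```

In the constructed data pid 4120 reads three distinct Uninstall entries and resolves api.ipify.org, so it trips both checks, while pid 5008 touches only one entry and a download host and is left alone. Both DNS queries and HTTP requests are considered for the IP-lookup check because a sandbox may log only one of the two.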