General
-
Target
source_prepared.exe
-
Size
75.7MB
-
Sample
240730-pjs63ssglb
-
MD5
914611d3bb6052e979d4a4092db162e9
-
SHA1
dc08ef36ebb29e44015021b2ff9599327c78b645
-
SHA256
aca85fce75bc0c9c4bdcd0016386fdd055687d7d3369fa341f501122f7184d7f
-
SHA512
0ac1f36257e60461a9fc5699e894cd8a8307f6c9b4d955267cf65d9eac813e1ef4fec42505d6d16d196af48937693777d023c83a591cd93599410aedc84dd976
-
SSDEEP
1572864:LvhQ6l8p7vDSk8IpG7V+VPhqIbE7WTylPj4iY4MHHLeqPNLtDaSWIXZpzK4C:Lvh1ipPSkB05awIxTy5nMHVLteSbzK5
Behavioral task
behavioral1
Sample
source_prepared.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral2
Sample
source_prepared.exe
Resource
win11-20240729-en
Malware Config
Targets
-
-
Target
source_prepared.exe
-
Score
8/10
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-