General
-
Target
source_prepared.exe
-
Size
103.6MB
-
Sample
240801-kx1qvsxalf
-
MD5
455a9b01120f5117ffbfcba000b87027
-
SHA1
f903c72e054a3298a67f5301898362d9b2278eb4
-
SHA256
39efcea56e5c786d357d12a813906571bd489b6cd78aa00ed51ed3b612662516
-
SHA512
92219d2ba9517a9881f96ec40ca48f373de2e1d99d4c9bd3ece792ee9c08ee5e51e034dfac781e4417606d6bd65274c233b1df372b778bb0060c57b5f39194ff
-
SSDEEP
3145728:igOb8S6xjKcBaIc2qHO5iVY2nGQbRe0zJcBWNs9U:GgSWNaIsHCiH1XcBWy
Behavioral task
behavioral1
Sample
source_prepared.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
source_prepared.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
source_prepared.exe
-
Score
9/10
-
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-