General

  • Target

    Built.exe

  • Size

    6.9MB

  • Sample

    241015-n62w3axbrq

  • MD5

    c01ef6c50c50e965c1b00ad14ac033cf

  • SHA1

    490e85442faddc014f9c2f2ec63bb69095c66b56

  • SHA256

    276551df72cfefde4969198d823ebf586abc353f29e06ab42816062dc0b7f02c

  • SHA512

    5b105b6303e3195f573032a676222da6ce459b841ae381de1bdcef6d8712af27156c07b9425f28d314d57535ba876d629ab6e164f657877f317c907c816d82d1

  • SSDEEP

    98304:OaDjWM8JEE1rfCamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYKJJcGhEIFl:Oa0v7eNTfm/pf+xk4dWRptrbWOjgra

Targets

    • Target

      Built.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
