Overview

overview

10

Static

static

10

Built.exe

windows7-x64

7

Built.exe

windows10-2004-x64

8

멩��.pyc

windows7-x64

멩��.pyc

windows10-2004-x64

Resubmissions

26-10-2024 20:24

241026-y6wedszblq 10

26-10-2024 20:07

241026-yv864swpgs 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Built.exe

  • Size

    17.6MB

  • Sample

    241026-yv864swpgs

  • MD5

    d345395c94526a6560376c0fa4483825

  • SHA1

    7124e8cec0641e614d599a55e0ced4527519f698

  • SHA256

    5f0fc08096058a29983544c5f09d9b724c0be4b4c93bed1a97a435bb120246a3

  • SHA512

    7a7c3fea87c88770a04f4a1fa84133932201366da19e7a60229cbeba2b155b4645792750b28a0c9e6aafcd3c2c92283d05287aebd4553e84b45e7b4713f2df2e

  • SSDEEP

    393216:EFNhC2R4GD6zlIDovPUvNP+9V8MjC+WR+ijYpBX1NIH2gYBgDW4TOzn:EFNj5mzlgSPUF29lWRDyRBB+WTn

Score
10/10
blankgrabberdiscoveryexecutionspywarestealerupx

Malware Config

Targets

    • Target

      Built.exe

    • Size

      17.6MB

    • MD5

      d345395c94526a6560376c0fa4483825

    • SHA1

      7124e8cec0641e614d599a55e0ced4527519f698

    • SHA256

      5f0fc08096058a29983544c5f09d9b724c0be4b4c93bed1a97a435bb120246a3

    • SHA512

      7a7c3fea87c88770a04f4a1fa84133932201366da19e7a60229cbeba2b155b4645792750b28a0c9e6aafcd3c2c92283d05287aebd4553e84b45e7b4713f2df2e

    • SSDEEP

      393216:EFNhC2R4GD6zlIDovPUvNP+9V8MjC+WR+ijYpBX1NIH2gYBgDW4TOzn:EFNj5mzlgSPUF29lWRDyRBB+WTn

    Score
    8/10
    upxdiscoveryexecutionspywarestealer

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

    • Target

      멩��.pyc

    • Size

      1KB

    • MD5

      d5b3695d45cf0b651ba61be818583532

    • SHA1

      240ee276dc6012d9dbea06711b8455f875e1f0fc

    • SHA256

      146efe530be5ccabcb7c1095963946aa0a341085f899d51d0bf5445a5e2b5602

    • SHA512

      680cdb9e1afdacf7bf9262868040c919e45413d5e957af78b3f42a361572af733202ba1a3d2bbe2e7ed721de182e55abd22b837d099647c1091da581a9d4308f

    Score
    1/10
    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks