Overview

overview

10

Static

static

10

ElectronV3.exe

windows7-x64

7

ElectronV3.exe

windows10-2004-x64

8

Resubmissions

29-10-2024 01:04

241029-be1tgasakm 10

29-10-2024 00:51

241029-a7ldta1grj 10

29-10-2024 00:40

241029-a1ebxs1fnl 10

28-10-2024 21:24

241028-z88m6svqhj 10

28-10-2024 21:23

241028-z8jdaavqgl 10

28-10-2024 21:21

241028-z7jbwsvqfn 10

28-10-2024 19:41

241028-yejarawalg 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ElectronV3.exe

  • Size

    6.0MB

  • Sample

    241028-yejarawalg

  • MD5

    c2c6c42211b7e560f7f5229bbf3baf13

  • SHA1

    35b2e027c57acef78c8ebce370828e417af0509d

  • SHA256

    2c546b4744ffdba41cc00ece66df08335843fef5d9a955aa7593f6482f2b2ca2

  • SHA512

    81e0a74e954865388cc4c6c1edea76fec4befb4eb4057ad216af040bba656cb5c30feba2b2d36e3578d2eff008cefb4bd9274ac04d24c481254baa2eba311380

  • SSDEEP

    98304:k7EtdFBCIdxtamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RKOLPC6un2is1:kyFIIweN/FJMIDJf0gsAGK4RRLPClrs1

Score
10/10
blankgrabberexecutionupx

Malware Config

Targets

    • Target

      ElectronV3.exe

    • Size

      6.0MB

    • MD5

      c2c6c42211b7e560f7f5229bbf3baf13

    • SHA1

      35b2e027c57acef78c8ebce370828e417af0509d

    • SHA256

      2c546b4744ffdba41cc00ece66df08335843fef5d9a955aa7593f6482f2b2ca2

    • SHA512

      81e0a74e954865388cc4c6c1edea76fec4befb4eb4057ad216af040bba656cb5c30feba2b2d36e3578d2eff008cefb4bd9274ac04d24c481254baa2eba311380

    • SSDEEP

      98304:k7EtdFBCIdxtamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RKOLPC6un2is1:kyFIIweN/FJMIDJf0gsAGK4RRLPClrs1

    Score
    8/10
    upxexecution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks