Resubmissions

04-11-2024 21:33

241104-1efkzaybkj 10

General

  • Target

    Built.exe

  • Size

    6.0MB

  • Sample

    241104-1efkzaybkj

  • MD5

    1393e1847b3370f7a610afcdb5f262d3

  • SHA1

    837ade57eaa8bd78bb3b50a8c765bfa7d54e9e15

  • SHA256

    f28c5e759a8758cdaee115b1426b7e7aaadac89831345179ab77f8de93c683f5

  • SHA512

    c5004b6a0b8d23546e0eaa07e01f2887035577e67fd6717394a8e1406644ecf885d4ab2b62e062dd78dc6e6bd9c299f547bec74f023da59afd85561cad815b2a

  • SSDEEP

    98304:7TEtdFB4ramaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RKOLPH9s6yC:7KFiOeN/FJMIDJf0gsAGK4RRLPH6JC

Targets

    • Target

      Built.exe

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
