General
-
Target
Built.exe
-
Size
6.9MB
-
Sample
241107-vw981sypdm
-
MD5
8019a64197423ce63d0aabdbfc4ccbcc
-
SHA1
6aa354d763ead1c32f74fa4e37784c3c006388c0
-
SHA256
0d9965dcbb38d6184922e408b80381c8441b6b4f1ab430f2365b7335baff14c3
-
SHA512
f99906692ffdede2914919f6267d85b8b99fb8ddfefb44d6289b72fd162b3e2fd6a36914348cac07f82e03df427d9e4ea4e40cb8cd3871f491fc8db42b64206f
-
SSDEEP
98304:ZMDjWM8JEE1FpJAFamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEE:ZM0vJAAeNTfm/pf+xk4dWRpmrbW3jmrV
Malware Config
Targets
-
-
Target
Built.exe
-
Size
6.9MB
-
MD5
8019a64197423ce63d0aabdbfc4ccbcc
-
SHA1
6aa354d763ead1c32f74fa4e37784c3c006388c0
-
SHA256
0d9965dcbb38d6184922e408b80381c8441b6b4f1ab430f2365b7335baff14c3
-
SHA512
f99906692ffdede2914919f6267d85b8b99fb8ddfefb44d6289b72fd162b3e2fd6a36914348cac07f82e03df427d9e4ea4e40cb8cd3871f491fc8db42b64206f
-
SSDEEP
98304:ZMDjWM8JEE1FpJAFamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEE:ZM0vJAAeNTfm/pf+xk4dWRpmrbW3jmrV
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-