General
-
Target
Built.exe
-
Size
7.5MB
-
Sample
241110-tdg9vazgmd
-
MD5
12e9f3ce18351ee539646c23cc862c5c
-
SHA1
0b2487fe4e3ffaf79fdf1c0c0b01f6ce68346daf
-
SHA256
72fdb72dcc71697b027824211e2879f4bf8c8974e56a857f2fca30ad7b675d6f
-
SHA512
585882cbb5e8097d47b3985326a4ae9c17d2e015801652d88a5c5230feab1add48f60bd73fa9ff34b505de742b437e53ed03b53d5011c1834c134610ff96ac59
-
SSDEEP
196608:yOgFHwfI9jUC2gYBYv3vbW5+iITm1U6fi:4FMIH2gYBgDW4TOz6
Behavioral task
behavioral1
Sample
Built.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Built.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Built.exe
-
Size
7.5MB
-
MD5
12e9f3ce18351ee539646c23cc862c5c
-
SHA1
0b2487fe4e3ffaf79fdf1c0c0b01f6ce68346daf
-
SHA256
72fdb72dcc71697b027824211e2879f4bf8c8974e56a857f2fca30ad7b675d6f
-
SHA512
585882cbb5e8097d47b3985326a4ae9c17d2e015801652d88a5c5230feab1add48f60bd73fa9ff34b505de742b437e53ed03b53d5011c1834c134610ff96ac59
-
SSDEEP
196608:yOgFHwfI9jUC2gYBYv3vbW5+iITm1U6fi:4FMIH2gYBgDW4TOz6
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-