General
-
Target
Built.exe
-
Size
8.2MB
-
Sample
241124-j2l8la1ngy
-
MD5
5ee0a00ae8a26984dd9638326e4ebca7
-
SHA1
6fab32c0e26cd0851b5e3660062db64e31d06244
-
SHA256
292e1ade7a6fc8629fe319207cf6380b1410748553f060c578541c8317988d45
-
SHA512
7767532e0c6376634957cd8d2c157e00baaa65ea81ecc2711ec50a18adfd9d0b191507d6e1ae381fbcc244d265961ef9a76dd6f7f6eeba9f7a72b486953bdbbd
-
SSDEEP
196608:SDgCPtwfI9jUC2gYBYv3vbW4SEA+iITm1U6fi:7CPiIH2gYBgDWZ+TOza
Behavioral task
behavioral1
Sample
Built.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Built.exe
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-