General
-
Target
Built.exe
-
Size
7.5MB
-
Sample
241129-3hs2kswpdl
-
MD5
65f3f72d4fb87b3c8f20dd1abe7782da
-
SHA1
fdafe29419d6e7735b1288fa0133d0fc4b5e2fe6
-
SHA256
1f603ea212d35c6a11c55d00804f8d5c84bd003e2ce32acf9bfc972cc9beb621
-
SHA512
a7b6fac2636eea6f8e99bf4c41cfcdfe67d5f991de7fb1e19df6ba2ef51c70836e4b7606edb273f5add66b503a6ec3c0baec028925aa5428c0a5dbef9f6297e7
-
SSDEEP
196608:96gIfwfI9jUC2gYBYv3vbW5GPFQw6+HlmQEa:ddIH2gYBgDWOQwhlX
Behavioral task
behavioral1
Sample
Built.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
Built.exe
-
Size
7.5MB
-
MD5
65f3f72d4fb87b3c8f20dd1abe7782da
-
SHA1
fdafe29419d6e7735b1288fa0133d0fc4b5e2fe6
-
SHA256
1f603ea212d35c6a11c55d00804f8d5c84bd003e2ce32acf9bfc972cc9beb621
-
SHA512
a7b6fac2636eea6f8e99bf4c41cfcdfe67d5f991de7fb1e19df6ba2ef51c70836e4b7606edb273f5add66b503a6ec3c0baec028925aa5428c0a5dbef9f6297e7
-
SSDEEP
196608:96gIfwfI9jUC2gYBYv3vbW5GPFQw6+HlmQEa:ddIH2gYBgDWOQwhlX
-
Drops file in Drivers directory
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Obfuscated Files or Information: Command Obfuscation
Adversaries may obfuscate content during command execution to impede detection.
-
Enumerates processes with tasklist
-
Hide Artifacts: Hidden Files and Directories
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Obfuscated Files or Information
1Command Obfuscation
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3