General

  • Target

    Built.exe

  • Size

    8.4MB

  • Sample

    241224-c3mgeszjhz

  • MD5

    0c86d73d42f5caf623b9f4d7afb660cf

  • SHA1

    8dcb47b711f5f95d1b0d65fb5af14fcefdb9b402

  • SHA256

    9d0dcb19f263573b2c7fd3e6fa6d5e06464bc10b371b6bde6e381a309022f551

  • SHA512

    812c200512b4e2b5ffce4f13525b2b7e4f2fd3ebc8dd6eb8a959c08b20afa0dfd4281f2112b786165dfeb04940adfe86eb019fd48b7f5f8dbe4c03aa57bb4a9f

  • SSDEEP

    196608:501dIwfI9jUCnORird1Kp0RLOYFSEcN2oc+nBIdAx2:6zIHOQ7nE1nnBIl

Targets

    • Target

      Built.exe

    • Modifies visibility of hidden/system files in Explorer

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
