General

Target: loader.zip
Size: 335.5MB
Sample: 250120-tj9laaxnfx
MD5: d674550c79874b4e698108e78c0972e6
SHA1: d24e0f7df1d8a9ed049901caaa56a16c7840ae68
SHA256: b422869f2bfe5b0f322c4c9cab65c53de742e846202bd8854f2c74a869aed1ec
SHA512: dcb54866591e844a89b9ff1a7fdac3d070bcfbc0069c58361615a5e9c30a64d75594812cf936d2b04c4b43e1b5ab70a42077ce6acad8ea3e9edde66445596dbf
SSDEEP: 6291456:jJo+nU4FBOF1N32GNW6n9KPlgB7w6BviYOtFxuLbTLoRrwDS2FATO:Voy7a1N32GNMPmBEYEbu8rwHFAa
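The hash table above is what a responder uses to confirm that a file found on a host or in a mail gateway is the analyzed sample. The following is an added example (not part of the report, not the sandbox's own tooling) that checks a local copy of the archive and the two members the behavioral tasks ran against the report's SHA-256 values, hashing the members straight out of the zip stream so nothing executable is written to disk. The hash values are copied from this report; the function names and the constructed archive in demo() are mine.

```python
"""Verify a local copy of the archive against the report's hash table without
running or extracting anything to disk. Added example, not part of the report;
the SHA-256 values are copied from the report, everything else is mine."""
import hashlib
import io
import zipfile

# SHA-256 values as published in the report, keyed by the report's target names.
# The two .exe entries are members inside loader.zip (zip paths use forward slashes).
REPORTED_SHA256 = {
    "loader.zip": "b422869f2bfe5b0f322c4c9cab65c53de742e846202bd8854f2c74a869aed1ec",
    "Buildbox_2.3.3-1986.exe": "7652dd1511c8d8e8a00f90ce3cb576ed948c1e198ccb9b84a6a40e5cc951d5a0",
    "Crack/BuildBox-2-3-3_Loader_Setup.exe": "c27d61a5fa480cb181aab2b5d5645dbefc24b2d7cf7a6d4d616f203d79fd7ea8",
}


def digests(stream, chunk_size=1 << 20):
    """One streaming pass computing MD5, SHA-1, SHA-256 and SHA-512, the four the report lists."""
    hashes = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    for block in iter(lambda: stream.read(chunk_size), b""):
        for h in hashes.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashes.items()}


def check_archive(data, expected=REPORTED_SHA256, archive_name="loader.zip"):
    """Compare the archive and every listed member against `expected`.
    Returns {name: 'match' | 'mismatch' | 'absent'}. Members are hashed from the
    zip stream in memory, so no executable content is ever written out."""
    outer = digests(io.BytesIO(data))["sha256"]
    result = {archive_name: "match" if outer == expected.get(archive_name) else "mismatch"}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        present = set(zf.namelist())
        for member, want in expected.items():
            if member == archive_name:
                continue
            if member not in present:
                result[member] = "absent"
                continue
            with zf.open(member) as fh:
                result[member] = "match" if digests(fh)["sha256"] == want else "mismatch"
    return result


def demo():
    """Exercise all three outcomes on a constructed archive (not the real sample)."""
    payload = b"MZ constructed stand-in for the installer"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Buildbox_2.3.3-1986.exe", payload)
        zf.writestr("readme.txt", b"constructed filler")
    data = buf.getvalue()
    expected = {
        "loader.zip": hashlib.sha256(data).hexdigest(),                  # will match
        "Buildbox_2.3.3-1986.exe": hashlib.sha256(payload).hexdigest(),  # will match
        "readme.txt": "00" * 32,                                         # deliberately wrong: mismatch
        "Crack/BuildBox-2-3-3_Loader_Setup.exe": "ff" * 32,              # not in this archive: absent
    }
    return check_archive(data, expected)


if __name__ == "__main__":
    import sys
    # Usage: python check_loader.py loader.zip   (run on an isolated analysis host)
    with open(sys.argv[1], "rb") as f:
        for name, status in check_archive(f.read()).items():
            print(f"{status:8}  {name}")
```

A 'match' on the outer archive means the file is byte-identical to what the sandbox ran, so the behaviors below apply to it directly; a member 'match' with an outer 'mismatch' means a repacked archive carrying the same payload, which is common with cracked-software lures. The `digests` helper also returns the MD5/SHA-1/SHA-512 values so the other rows of the table can be compared the same way.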
Static task
static1

Behavioral task
behavioral1
Sample: loader.zip
Resource: win11-20241007-en

Behavioral task
behavioral2
Sample: Buildbox_2.3.3-1986.exe
Resource: win11-20241007-en

Behavioral task
behavioral3
Sample: Crack/BuildBox-2-3-3_Loader_Setup.exe
Resource: win11-20241007-en

Malware Config
Targets

Target: loader.zip
Size: 335.5MB
MD5: d674550c79874b4e698108e78c0972e6
SHA1: d24e0f7df1d8a9ed049901caaa56a16c7840ae68
SHA256: b422869f2bfe5b0f322c4c9cab65c53de742e846202bd8854f2c74a869aed1ec
SHA512: dcb54866591e844a89b9ff1a7fdac3d070bcfbc0069c58361615a5e9c30a64d75594812cf936d2b04c4b43e1b5ab70a42077ce6acad8ea3e9edde66445596dbf
SSDEEP: 6291456:jJo+nU4FBOF1N32GNW6n9KPlgB7w6BviYOtFxuLbTLoRrwDS2FATO:Voy7a1N32GNMPmBEYEbu8rwHFAa
Score: 8/10

Signatures:
- Drops file in Drivers directory
- Possible privilege escalation attempt
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- File and Directory Permissions Modification: Windows File and Directory Permissions Modification
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.

Target: Buildbox_2.3.3-1986.exe
Size: 73.1MB
MD5: 9b2ecb1f95301a8e76ffbaed050fff82
SHA1: 67dc37f65486db3c590531b0641e8dd903d24d5d
SHA256: 7652dd1511c8d8e8a00f90ce3cb576ed948c1e198ccb9b84a6a40e5cc951d5a0
SHA512: dc58176acbab4a6ede103bffbdcb76813b9cd426758a6ba0b329fa4dfb4012354025a5d28f942138a6c1de5f378f08c405d67ab8995245ce47f92c04f8b47b33
SSDEEP: 1572864:5lEPKDpk+3Pxd32li14xgms5bSdZXpW9QUqAPOy+xYyaFJGWI:5jpr3PxdmliqxQ5uJW9QUqjxY5FJ5I
Score: 7/10

Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.

Target: Crack/BuildBox-2-3-3_Loader_Setup.exe
Size: 616KB
MD5: ec7acd8acab5bf247491004d68ca89c6
SHA1: 1b8b393b753d3946220704437d4fbbddac69aa69
SHA256: c27d61a5fa480cb181aab2b5d5645dbefc24b2d7cf7a6d4d616f203d79fd7ea8
SHA512: 058dbf07312139b13f03668fa6984cd5bd9a612901b83fbd79f45c36837b9e789895c45d58854398ee8de9dc2d167ce2870eb67485126185627fbcc30caf92d2
SSDEEP: 12288:i7blM9ncHg42Om2KgXY3o1HUeI7VtIw2kB2K6sOT:i7blinY32Om2KgErxV+w2kB2NT
Score: 7/10

Signatures:
- Executes dropped EXE

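Four of the signatures reported for loader.zip and Buildbox_2.3.3-1986.exe (the Run key write, the Uninstall-key enumeration, the external IP lookup via a web service, and the file dropped into the Drivers directory) are simple enough to express as rules over a process/registry/file/DNS trace. The block below is an added example of that rule logic, not the sandbox's own signature code: the event schema and the sample trace are constructed here, and the list of IP lookup hosts is an assumption, since the report does not say which service the sample contacted. Note the threshold on Uninstall reads: a single read is what any installer does to find a previous version of itself, so enumeration is only flagged when one process walks several product subkeys.

```python
"""Rule logic for four of the reported signatures over a constructed event trace.
Added example, not the sandbox's rule code. Event schema, process IDs, paths and
the IP-lookup host list are assumptions made for illustration."""
import re
from collections import defaultdict

# Assumption: hosts a sandbox would treat as "legitimate IP lookup services".
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "icanhazip.com", "ifconfig.me",
    "checkip.amazonaws.com", "ip-api.com",
}

RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)$", re.I)
# Matches the native and the WOW6432Node Uninstall hives; group 1 is the product subkey.
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)", re.I)
DRIVERS_DIR = re.compile(r"^[A-Za-z]:\\Windows\\System32\\drivers\\", re.I)


def evaluate(events, uninstall_threshold=3):
    """events: iterable of dicts whose 'type' is reg_set, reg_query, file_create or dns.
    Returns {signature name: [evidence, ...]} holding only the signatures that fired."""
    hits = defaultdict(list)
    uninstall_seen = defaultdict(set)  # pid -> distinct Uninstall subkeys it queried
    for ev in events:
        kind = ev["type"]
        if kind == "reg_set" and RUN_KEY.search(ev["key"]):
            hits["Adds Run key to start application"].append(
                f'{ev["key"]}\\{ev["value"]} = {ev["data"]}')
        elif kind == "reg_query":
            m = UNINSTALL_KEY.search(ev["key"])
            if m:
                uninstall_seen[ev["pid"]].add(m.group(1))
        elif kind == "dns" and ev["host"].lower() in IP_LOOKUP_HOSTS:
            hits["Looks up external IP address via web service"].append(ev["host"])
        elif kind == "file_create" and DRIVERS_DIR.match(ev["path"]):
            hits["Drops file in Drivers directory"].append(ev["path"])
    # One Uninstall read is normal installer behaviour; enumeration walks many subkeys.
    for pid, keys in uninstall_seen.items():
        if len(keys) >= uninstall_threshold:
            hits["Checks installed software on the system"].append(
                f"pid {pid} read {len(keys)} Uninstall entries")
    return dict(hits)


# Constructed trace; PIDs, GUIDs, hosts and paths are made up for the example.
SAMPLE_TRACE = [
    {"type": "reg_query", "pid": 4120, "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1B2C3D4-0000-0000-0000-000000000001}"},
    {"type": "reg_query", "pid": 4120, "key": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"type": "reg_query", "pid": 4120, "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome"},
    {"type": "reg_query", "pid": 5008, "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Buildbox"},  # single read: below threshold
    {"type": "reg_query", "pid": 4120, "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced"},
    {"type": "reg_set", "pid": 4120, "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "value": "Loader", "data": r"C:\Users\user\AppData\Roaming\loader.exe"},
    {"type": "reg_set", "pid": 4120, "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced", "value": "Hidden", "data": "1"},  # benign
    {"type": "file_create", "pid": 4120, "path": r"C:\Windows\System32\drivers\loader.sys"},
    {"type": "file_create", "pid": 4120, "path": r"C:\Users\user\AppData\Local\Temp\x.dll"},
    {"type": "dns", "pid": 4120, "host": "api.ipify.org"},
    {"type": "dns", "pid": 4120, "host": "update.example.net"},
]


def demo():
    """Run the rules over the constructed trace."""
    return evaluate(SAMPLE_TRACE)


if __name__ == "__main__":
    for name, evidence in demo().items():
        print(name)
        for item in evidence:
            print("   ", item)
```

Two of the reported signatures deliberately have no rule here: "Possible privilege escalation attempt" and "Modifies file permissions" are stated by the report without the underlying events, so any rule written for them would be a guess about what the sandbox observed.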
MITRE ATT&CK Enterprise v15

Privilege Escalation
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1

Defense Evasion
- File and Directory Permissions Modification (T1222): 2
  - Windows File and Directory Permissions Modification (T1222.001): 1
- Modify Registry (T1112): 1