Overview

overview

10

Static

static

10

Built.exe

windows11-21h2-x64

8

Resubmissions

22-01-2025 22:34

250122-2hk6asyqd1 10

22-01-2025 20:35

250122-zc1yfstrcs 10

22-01-2025 20:34

250122-zcq39avpcm 10

22-01-2025 20:33

250122-zcckvsvpbl 10

18-12-2024 13:38

241218-qxpaqasjdp 10

16-12-2024 22:41

241216-2mav5atjep 10

16-12-2024 21:41

241216-1j6yqa1rcq 10

15-12-2024 17:37

241215-v7bvla1nax 10

14-12-2024 18:17

241214-ww5tzazpat 10

13-12-2024 18:30

241213-w5q26synfm 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Built.exe

  • Size

    6.9MB

  • Sample

    250122-zcq39avpcm

  • MD5

    2754fe0444a11859ce6814803daaa62c

  • SHA1

    59193f0128f1649184a7f90283d31d891aa23a37

  • SHA256

    125b51c996078282c7048d8959fff151b7fa334b4381e74d4f98c4d335ab63c7

  • SHA512

    4c9eb428a9223e6b370a771926bf0f6a35fddceb25fe7188cbdc164311fb821b620d073238cd19b0bfabd2c6b197cae35759b4767b176466b077c446a9155b58

  • SSDEEP

    98304:o5DjWM8JEE1FdjamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEIFP:o50zGeNTfm/pf+xk4dWRpmrbW3jmrH

Score
10/10
blankgrabberdiscoveryexecutionspywarestealerupx

Malware Config

Targets

    • Target

      Built.exe

    • Size

      6.9MB

    • MD5

      2754fe0444a11859ce6814803daaa62c

    • SHA1

      59193f0128f1649184a7f90283d31d891aa23a37

    • SHA256

      125b51c996078282c7048d8959fff151b7fa334b4381e74d4f98c4d335ab63c7

    • SHA512

      4c9eb428a9223e6b370a771926bf0f6a35fddceb25fe7188cbdc164311fb821b620d073238cd19b0bfabd2c6b197cae35759b4767b176466b077c446a9155b58

    • SSDEEP

      98304:o5DjWM8JEE1FdjamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEIFP:o50zGeNTfm/pf+xk4dWRpmrbW3jmrH

    Score
    8/10
    discoveryexecutionspywarestealerupx

    • Command and Scripting Interpreter: PowerShell

      Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

      execution

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates processes with tasklist

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks