General

  • Target: Built.exe

  • Size: 7.7MB

  • Sample: 250326-y3sjbstrw3

  • MD5: 42dafc16fcb3f5338c11e3bca78bbbba

  • SHA1: 08be6b99ff6ecb5d6fc601b042404b164627782a

  • SHA256: e34b6206ad0899f9aff858ad6b7ec419b226555a639efdaed33ddb64b1ff0e7a

  • SHA512: 79825eb0356ca46db08262ec9ca2ad97235c6487e1a9ef83e38b8a558bf68df655d56cf634c2ff5a2a9c8cdf27b1a53b2b9e43f110bef4bba6870f7c0dbdbc5e

  • SSDEEP: 196608:iWY06CwfI9jUCD6rlaZLH7qRGrpIYUoZy8FUsOnAoX:sIH20drKYRZjoX

Malware Config

Targets

    • Target: Built.exe


    • Command and Scripting Interpreter: PowerShell

      Runs a command via powershell.exe.

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target: _������.pyc

    • Size: 1KB

    • MD5: 4206abc289788ecb39bf12fd965f9f85

    • SHA1: 5434d8cbfdfd8cea1e6ff51b78e5c26dc2116feb

    • SHA256: cb8ffadd6d34f7282e584bf6bfa0c4b998844be0ab39110b6c20a8b050ba9885

    • SHA512: a4dfb7b9e3256605a2a3ed45031a6a717cb8f8672c99fa851768b95b2896f36c55ccece2f8857dca176635f33ac6909a9b33d7d641467ba2de89fdc8b177fb8e

    Score: 1/10

MITRE ATT&CK Enterprise v15
