General
-
Target
dead.builder.exe
-
Size
3.5MB
-
Sample
240628-sjqyhaxhpp
-
MD5
843cb08b973c9003b0fb086da217b63d
-
SHA1
0fd13e058ae7ffd15b8a303700710e879a5927f9
-
SHA256
664ee273d850e82e2b13819c224a46e08f1740ded02deed3df51074788cfb3d2
-
SHA512
f46cb8f145d26223d2f4b4d49462c9f06202cd2803f9760a76eb2a5bf2bd94b1ae6995b687c5f1e6e00c7a41037c9557d35285e4769ecbe39af5241dd6cfee02
-
SSDEEP
98304:FkjozJ9/im8XVBKl6tmJVP2sRx/E0T7zN3HtHMSGuA+i1i:5zJpjS346tmJ1ds+7ptHM9uAm
Static task
static1
Behavioral task
behavioral1
Sample
dead.builder.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
dead.builder.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
dead.builder.exe
-
Size
3.5MB
-
MD5
843cb08b973c9003b0fb086da217b63d
-
SHA1
0fd13e058ae7ffd15b8a303700710e879a5927f9
-
SHA256
664ee273d850e82e2b13819c224a46e08f1740ded02deed3df51074788cfb3d2
-
SHA512
f46cb8f145d26223d2f4b4d49462c9f06202cd2803f9760a76eb2a5bf2bd94b1ae6995b687c5f1e6e00c7a41037c9557d35285e4769ecbe39af5241dd6cfee02
-
SSDEEP
98304:FkjozJ9/im8XVBKl6tmJVP2sRx/E0T7zN3HtHMSGuA+i1i:5zJpjS346tmJ1ds+7ptHM9uAm
Score7/10-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-