Overview

overview

7

Static

static

3

dead.builder.exe

windows7-x64

7

dead.builder.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dead.builder.exe

  • Size

    3.5MB

  • Sample

    240628-sjqyhaxhpp

  • MD5

    843cb08b973c9003b0fb086da217b63d

  • SHA1

    0fd13e058ae7ffd15b8a303700710e879a5927f9

  • SHA256

    664ee273d850e82e2b13819c224a46e08f1740ded02deed3df51074788cfb3d2

  • SHA512

    f46cb8f145d26223d2f4b4d49462c9f06202cd2803f9760a76eb2a5bf2bd94b1ae6995b687c5f1e6e00c7a41037c9557d35285e4769ecbe39af5241dd6cfee02

  • SSDEEP

    98304:FkjozJ9/im8XVBKl6tmJVP2sRx/E0T7zN3HtHMSGuA+i1i:5zJpjS346tmJ1ds+7ptHM9uAm

Score
7/10
agilenet

Malware Config

Targets

    • Target

      dead.builder.exe

    • Size

      3.5MB

    • MD5

      843cb08b973c9003b0fb086da217b63d

    • SHA1

      0fd13e058ae7ffd15b8a303700710e879a5927f9

    • SHA256

      664ee273d850e82e2b13819c224a46e08f1740ded02deed3df51074788cfb3d2

    • SHA512

      f46cb8f145d26223d2f4b4d49462c9f06202cd2803f9760a76eb2a5bf2bd94b1ae6995b687c5f1e6e00c7a41037c9557d35285e4769ecbe39af5241dd6cfee02

    • SSDEEP

      98304:FkjozJ9/im8XVBKl6tmJVP2sRx/E0T7zN3HtHMSGuA+i1i:5zJpjS346tmJ1ds+7ptHM9uAm

    Score
    7/10
    agilenet

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks