Overview

overview

8

Static

static

3

a.bin.exe

windows7_x64

7

a.bin.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a.bin.zip

  • Size

    24.5MB

  • Sample

    210518-14ghabzyfj

  • MD5

    d2dd16de46fabecaa3dd784c8d81555b

  • SHA1

    55548183b64f0c1675e560d95fb7d9b9762f4b10

  • SHA256

    0a58b753a6c1927045d6fba0c1947c2f8e64eeaee2422d24a16cb3dbd91cf1d0

  • SHA512

    f48867e0e06a803f18ce83e94c412afb0b7c9167956475e505bf45ff8e2288800036fc4c6a64483147684875e93b28df4c97d5c08cabe1d72948cf5ecb17770b

Score
8/10
pyinstaller

Malware Config

Targets

    • Target

      a.bin

    • Size

      24.8MB

    • MD5

      ff3e538ca4f72aa803986246ccd6204c

    • SHA1

      aaef4bf2d4d7dde0164b5218dad3b7a691d1b96b

    • SHA256

      4363c6197e0fd7b380f30154c36bc7bd15a81bda1158ef3a6a021f80928f7fae

    • SHA512

      995be671dbf7af6c7ab69b823c3bcd914bb776d525425e3395824b234068330afdd1c06d6d897d4cf1d36da0faee017510905baba5c56a590dbbcd1001a6733f

    Score
    8/10
    pyinstaller

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks