Overview

overview

8

Static

static

Proforma.exe

windows7_x64

8

Proforma.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Proforma.exe

  • Size

    4KB

  • Sample

    210617-z9kse1exps

  • MD5

    c57cea8db447cb9bec608f939026bd86

  • SHA1

    e48f6b38215a9b26a31901c67d93da244ad1a546

  • SHA256

    c66e973686ee6d1761be2781a9f27f0f8d81fad4db088d836bebf6055cba193f

  • SHA512

    bae53eba4576b0d0ad261e1c79916a06c8a70e7545609c65ece25d6c6bb7c8eccbbedc1aa7a368e4ff310e2315c8d2b67d053c09c97eb07ae7a27653b939f4c0

Score
8/10
pyinstaller

Malware Config

Targets

    • Target

      Proforma.exe

    • Size

      4KB

    • MD5

      c57cea8db447cb9bec608f939026bd86

    • SHA1

      e48f6b38215a9b26a31901c67d93da244ad1a546

    • SHA256

      c66e973686ee6d1761be2781a9f27f0f8d81fad4db088d836bebf6055cba193f

    • SHA512

      bae53eba4576b0d0ad261e1c79916a06c8a70e7545609c65ece25d6c6bb7c8eccbbedc1aa7a368e4ff310e2315c8d2b67d053c09c97eb07ae7a27653b939f4c0

    Score
    8/10
    pyinstaller

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks