54d852c4fc7896a844c8863d726c78e9c66c1c7f3b11df935f2db93542014eef

Sharing

Copy URL

Twitter E-mail

General

Target

Heyo_Token_fucker.7z
Size

21.1MB
Sample

210629-trt3jrvykj
MD5

7a1efc1a2d27d5491d4c9be2b4e63eae
SHA1

016939cab662dc14e1738ab3d28a68f566c0cea3
SHA256

54d852c4fc7896a844c8863d726c78e9c66c1c7f3b11df935f2db93542014eef
SHA512

33630bfc2dbfc96115802404a7c79a079e5bcdd564f418ef4fa83564c3296901ee89aaad9af8f82593d884d0b97ffdef8536d40d0a681d02d386284adf4809ce

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Heyo Token fucker/__pycache__/hi.cpython-38.pyc
- Size
  
  38KB
- MD5
  
  ff46707f808a46d314ca9fded6974493
- SHA1
  
  6777ac16dd344c0c1dd251bb708007c32c090510
- SHA256
  
  850abad1e85b24e6a9ca631cad0214ce070b8a3c0358a119fb64b98b831390a2
- SHA512
  
  116e03552492b0dc72f869df52375c63be12cc6381979f46eb1df2aa23d1b142ad100976ca4b0be54f6f5e416e0fc492ac711208a16b94af2caf3f3f1172e861
Score

1^/10
behavioral1
- Target
  
  Heyo Token fucker/build/hi/PKG-00.pkg
- Size
  
  10.5MB
- MD5
  
  87bdd21d808075ee12abec13bd90439f
- SHA1
  
  5d2f1d03419b86d105189c1dd2e28d593296a346
- SHA256
  
  00cff5567e1148d6f46649f074cf2c2e9b53f5a1c4f1af9da84dd2091459e130
- SHA512
  
  b6e5484b460028cc14ff719882e46de223f6ebf7b7c460e97ec19af9129c6a48f3593f9695e9b9cf770b3388b522c98551c65e28398009d3bf741a9b696764fe
Score

1^/10
behavioral2
- Target
  
  _bootlocale.pyc
- Size
  
  1KB
- MD5
  
  f523580fac08a05073bcb81a70c7d869
- SHA1
  
  cf7409d37fb5618642cb934f30c235fd78a4d709
- SHA256
  
  9264935f244365172be594dfbe9d395519966f6d5c3f48b0af4cbe027f2b33b9
- SHA512
  
  5ab447e3d3fad61341e8fcc464a2e2729b5063ee6babac09e4eba29fe81ccc54c587d6b466bbfe3bca85bc4032b9ce4ed57a652c47e18c8fda208928e6e965fa
Score

3^/10
behavioral3
- Target
  
  _collections_abc.pyc
- Size
  
  28KB
- MD5
  
  2a595ba49e5ab450a45e57733a89572e
- SHA1
  
  03b5fc0cb46257b9d959ff3c102322be2c15c179
- SHA256
  
  0da45fe44b8ba964c863cdeec4abf56bee69801238a1f056e89bb31254ceeae4
- SHA512
  
  a3ca1c43b35eb6847d43c1525fe27e060eb2757e5c6d32f14c96984d7f11913e8741c573d109dcf65b31d95b324a9200d26e0a5f2d66eb34d272d872da5d0a56
Score

1^/10
behavioral4
- Target
  
  _weakrefset.pyc
- Size
  
  7KB
- MD5
  
  b8a13f915af63039516e481cb449caa3
- SHA1
  
  b7bf031b44b8914b40da06cc2b7b3df36c9bb401
- SHA256
  
  521dcfac67037d4728d54c58de3a82b6be80d115614e94f056e91ba9dcaa1cb6
- SHA512
  
  361d98275e7e56a0472adb1ae4a9a0d9258b74d863fe733fff497860abe22f07eca384971e666e3e76a2464789a1cc75637d5a835bce9a423fdc0ece755dccbc
Score

7^/10
- Loads dropped DLL
behavioral5
- Target
  
  abc.pyc
- Size
  
  5KB
- MD5
  
  5249be6308a6672fdfddafacefdd0d04
- SHA1
  
  ef5c9dd2e0707215f42c58b35d3bf3cd2f9a1c98
- SHA256
  
  3caffaf6c5ded668539d3b8ed19760c5a7b6758fa8bffd2c50a736ca31177903
- SHA512
  
  908cfdeaa08f2b36302aef56e22610358c3e75d5e3e56f23731dd9dd19eacdac6ee80e56e51e92fa0b16e8efe907aac10b9362c45e871cf66529cc6adc0a94ac
Score

3^/10
behavioral6
- Target
  
  codecs.pyc
- Size
  
  33KB
- MD5
  
  37d2f4f25143a9f470ddd78ad15810f8
- SHA1
  
  108db2b0b016cb5e7da044f1dc568d5500e5d21d
- SHA256
  
  036ee831c127bc2f5601875c29037c090d7e616d1a1af592201d50118cba4ab3
- SHA512
  
  9e2d0cff6582dd1a7a8eec220a91f431cad6bdf69c541254e7c09b162bc449f68a9d158c6ac35eb6b4fd30d9faf0acede96695e3d533cba65eef65f0c9642b4e
Score

3^/10
behavioral7
- Target
  
  collections/__init__.pyc
- Size
  
  45KB
- MD5
  
  fedd9065bf617aa29f3c4df35e436b2d
- SHA1
  
  57a69cc2174676a7082df6b3caba958e5f759435
- SHA256
  
  b43d68fc93fbf93bac19d21dc053cda1472c478d41c1cf657f61dd43683a2310
- SHA512
  
  2bc6c39e0a064a1501b2812ba7ed7237135e091d15a14088144773285a785c0b9f64ff9f6268f14786ab51f7b60cf83e82a9c2ebfdf4af479c6dc9b29c955423
Score

3^/10
behavioral8
- Target
  
  collections/abc.pyc
- Size
  
  233B
- MD5
  
  a7d5ef36429887a470617afdddbe3d1b
- SHA1
  
  ba049de1c9ebcbd7963455eb0eb2968b34801deb
- SHA256
  
  0bfb59e8cdef8ce99a84a264bcfa8bd94b2a5560f005a4c27c012e01b04cb822
- SHA512
  
  c1826faaf3b816f63b26b7cd26be5678cca84f68c0d7228542c5c98971f9fb508bd83cadcf5d8f4245e8b305d2c9a6afc3c297534c77a4f5b704a747d1bcc53d
Score

3^/10
behavioral9
- Target
  
  copyreg.pyc
- Size
  
  4KB
- MD5
  
  4b02be5e9a828d9fddb274f94c6a254b
- SHA1
  
  ba233763b2170e3b1f50dfd5b130845c6587f291
- SHA256
  
  ec59087233f45e45b76eb01351bb81ce7d37a672e5baa27f01519d86afe14a1b
- SHA512
  
  cd64f7833d11794c856ccb9caa7b9ab75c514b02cdd184a601d1a01c8405c73b05f1d6461671367b298f6dd3e8e323c5065ccf94b120d4cc9b1cf63b3b0daa37
Score

3^/10
behavioral10
- Target
  
  encodings/__init__.pyc
- Size
  
  3KB
- MD5
  
  26ada62bbf2f11883f509e54878fc442
- SHA1
  
  a3ec1cc9802d24aab87a1481ea96c1da7d8b6898
- SHA256
  
  2c8256237760896e24b9ee75c3ed4ed15355e008669761edb7bb8d362cdf64dd
- SHA512
  
  cc67504c828a836176c761165e627be7b3a1ec692a3441c03ec46e2dc2d140105dd747ac38662e2ec3c8f76144f8f7ec4be1a489ff5bbc6dd1c33bc36eb13c49
Score

3^/10
behavioral11
- Target
  
  encodings/aliases.pyc
- Size
  
  6KB
- MD5
  
  82e03bc4cfc916687684e3cb79ef2a14
- SHA1
  
  b1547eba5d5508c51471a5a0ea8fcc31ab7e4a5e
- SHA256
  
  6cae30dd6044b04bf15e73fe203e11d4738a8e86c76a372d7ed5af71a511cf92
- SHA512
  
  3c212048e2331ef0b301506bae0a5538ac2a3baf7ce6333e268b83d89e96c7c889122e05fe287dbdb80104ba76fb9c58df9bdfe692b0a7a3a3e463e490addf7a
Score

3^/10
behavioral12
- Target
  
  encodings/ascii.pyc
- Size
  
  1KB
- MD5
  
  4b6c26126b85c0f989af906bd2f2f988
- SHA1
  
  ffec6009f860481e45c174dfc8ec9bca72c5f457
- SHA256
  
  dcffb2f895a3a020ef0254e79b184befff6cddc5e0376ce8b3f2c1e4a2c0fbae
- SHA512
  
  d6cd27dccfd4f91dc463a1a9ab8952f806c97e8188ab8bfe35659d437c84cde6b33baed10ef2198f2abf26a257e3e12248b35ceefe32f6d8c2482fac41b9b916
Score

3^/10
behavioral13
- Target
  
  encodings/base64_codec.pyc
- Size
  
  2KB
- MD5
  
  1d152c515cbebc4480106a50db20d846
- SHA1
  
  b2920cf8f22245fe21cbae4bd670431aafbcd014
- SHA256
  
  d71e6d7bc78e96030e665799621113b2e92530e03d631d0918f673564af481d7
- SHA512
  
  4c734bd02ce052bcb4d9af030867848c2fddbdb8d51900a70c26cd2996e9ce5d8df70d77a0c0e46fbb2e57c3ffbaa923e169fc9abbe85266ca164e23faac1fd9
Score

3^/10
behavioral14
- Target
  
  encodings/big5.pyc
- Size
  
  1KB
- MD5
  
  e30c4eab5c92fd5aa208a261b71eeaca
- SHA1
  
  eee861f5f243d6febc27f8cb7b33f1414d792e08
- SHA256
  
  26cb7d54bebfef7f98c5e4553fa42fa6b467b1bfd0e3be3b24f22edee19086a2
- SHA512
  
  ad795eb0a823a41d44bf705e57813ca0e2aa3aedb00a00cc715d53cf932bc0780b3487fb2a7b5da9a22147a459942492498180076cb28607e981af16ee27b767
Score

3^/10
behavioral15
- Target
  
  encodings/big5hkscs.pyc
- Size
  
  1KB
- MD5
  
  7522c699670f5e4db5412133a9ab2b7a
- SHA1
  
  789d8bea8cf3e786c212fd3b4c7c51e616fd585c
- SHA256
  
  e6a6cef1d19b8a0f7f904b443d9771adaf939843e325c18f6cb56c65be4a8eb8
- SHA512
  
  174e1696b862084becbd9795f89dfb6cc6eb702bd1cefca5a38b0872ea7b09303b45c7db19b3732fbbcee18b73a3d0f49dec879b0b387a6a94d21c81ffda3fe8
Score

3^/10
behavioral16
- Target
  
  encodings/bz2_codec.pyc
- Size
  
  3KB
- MD5
  
  ff5afcde8b6c89d6c0a3ac0ec71d83d4
- SHA1
  
  d8234975c6ed5385631b0d80b1997ee5ba9968a6
- SHA256
  
  224ac448f9fa2470769aa40a34a17369e0ceb0d0e28eb01b7cc3af56d0d86019
- SHA512
  
  0a5aea16cba10bd58cbf7cd7ffdc1a0a27d173bfa44e62e815185f8b0fd19e7ccb31ad576d61964633825f081a7616c2366aaf272b42f3e0899a3342851fc0f2
Score

3^/10
behavioral17
- Target
  
  encodings/charmap.pyc
- Size
  
  2KB
- MD5
  
  2afd671e0455f87c20b8422f6459a9fc
- SHA1
  
  2fd97e4b8b5dfda299a975f025b608abb86ee719
- SHA256
  
  67edf47f306d6bd63e4c3bfe9b794454d215c34010a4c2f5b1566dad2cc3f5eb
- SHA512
  
  caaf7d8b9ce7424a70b71afc2bb944e60e3e8a46fa03475144a2e50cec640661dfeb091a92df68e9424eb8fc7d296d4dfeab603594fbab5bd03d037311f01bd6
Score

3^/10
behavioral18
- Target
  
  encodings/cp037.pyc
- Size
  
  2KB
- MD5
  
  de6d531fdf71d38ec444be3672aa997a
- SHA1
  
  d2ac5546023ecfd732c8deaf8ea96e62d28afc1b
- SHA256
  
  e554915d3ecc0f73b8f1eccec15140c3d1a257e745f7dbbf060de28b5f544605
- SHA512
  
  8022b4c95db7ea884d280fc734fbbb5090edaa01e3dfd8156581f952fe2847595020d9395399e9900b88cee629cc09b650c4f6959890b516e800ad8c8a731eba
Score

3^/10
behavioral19
- Target
  
  encodings/cp1006.pyc
- Size
  
  2KB
- MD5
  
  583da625cb72fe57cf71301d86fe2ade
- SHA1
  
  d2253deb9a00b9f49e8f18f744876d26c2e328d4
- SHA256
  
  0d01798f03dc240a8a11b6d501122f696516d473cba28154c738b1a901486b5a
- SHA512
  
  59943c00724e7c1cc400b5b3cb24167b5be230951a88b7f000178ed89e686c988ad10026ce0e2af41cca9064d02c95453f92ab994a8c0a724c41132d8a83782f
Score

3^/10
behavioral20
- Target
  
  encodings/cp1026.pyc
- Size
  
  2KB
- MD5
  
  e7c1d0dd34ccb660769b43a07da6e9a9
- SHA1
  
  c95c6cc9a0f8e7eb2bfa0abba850205ddb00282d
- SHA256
  
  d2bba24770500c0e3469a0d7b95a9e0763427f9b56037970735ba9d015fc0481
- SHA512
  
  bd10c971ab5fc6f1e1d3e5878c330e376b1e16c0e0a8a60a4e411b35bc2116870b937b82991854c29a6d56c53b9b533904eb716f10193ea77da970fa73b49d9b
Score

3^/10
behavioral21
- Target
  
  encodings/cp1125.pyc
- Size
  
  7KB
- MD5
  
  a48c3ef5d6f4426e17649afde1d46d86
- SHA1
  
  2387ae0a4e9e497794e163cc04812dfecc795f4f
- SHA256
  
  ddf2ec3a4d28b4ae85532b0f158fc37fda3ed78879ef2daa4c67651c996fa7b8
- SHA512
  
  bb8d886cf8d4893efd4528b9a880d8ea83019f9df1eb5f0509ec9c900ee4f1547269e33d29c6fab04a3fc66242edc6cea4c52dd2c4c2ede2060bf4d13ad7d417
Score

3^/10
behavioral22
- Target
  
  encodings/cp1140.pyc
- Size
  
  2KB
- MD5
  
  cf1f1777db40a496b21ef99b53599f5d
- SHA1
  
  a29d33301960a88861bf1b3907f72611461cffbc
- SHA256
  
  f477255215f109f0d47046716bba7386e6187fab6a46f5c502c1b075e014b81c
- SHA512
  
  d902b6b69c402862810d402f2634e0910d5fbe4e6847f5a3a8d60083fa457d762c76ea1913c917340989669bddde921ac4b5b200a1b502060a9563f65a2bcf0d
Score

3^/10
behavioral23
- Target
  
  encodings/cp1250.pyc
- Size
  
  2KB
- MD5
  
  834a01f7847df0c67e1e73afd0a9a18f
- SHA1
  
  2f4dfa0dd13f33e97f43dc5606732653ff355837
- SHA256
  
  955d0b99707a4ac359c81d8aeb3834d6438ebd2079f1f3c888adcc8ae7909981
- SHA512
  
  be65aea542291a9e5c11a6a0e022db2c45c0ecbcecfb04aee4d0992804a25ad07dec25a0c9312666eb4cf95d4cc411a1187e463b5fed1e21b09b63c7022ab85b
Score

3^/10
behavioral24
- Target
  
  encodings/cp1251.pyc
- Size
  
  2KB
- MD5
  
  da2aae8eaa8da18a367e48646cc4a785
- SHA1
  
  958683f238f1c09df9a5e55c61fe0ef5c6a07bd1
- SHA256
  
  673a24ea23b66f9179d651a8ed1d44bd3081b488ba6919b0e26330fc7109d066
- SHA512
  
  008a46de09e5f5700e24647d055ebb5d75e3d54db38fc43a631b7ed83226775813f0ac7c80e66fb25f8ddb85fb88d05c7e7159f9e1cf89926113bcf7294d54d2
Score

3^/10
behavioral25
- Target
  
  encodings/cp1252.pyc
- Size
  
  2KB
- MD5
  
  eea20cb7b0bdf6f210fdcaa976f3a134
- SHA1
  
  7db83b6496db8285f04e41bcbc3f9a8f14b3e3e7
- SHA256
  
  4d168f89418c8e93bc73d8a3270814732956629bcc466ad68992e070f5b9463d
- SHA512
  
  5609eb543e8f7e43ac58b1263a90700f6cf2c4934c63d905c86f8dc360f6458792d6a50fde9f59fdd419a46552c49e1cd0c0174b92352080b9c5e76b4c1a3f1e
Score

3^/10
behavioral26
- Target
  
  encodings/cp1253.pyc
- Size
  
  2KB
- MD5
  
  307eba6d108f505ad6b08ff96df245d9
- SHA1
  
  99728d84bf0af52a63a2d023849db408f5e71653
- SHA256
  
  16d925f227560e202cfaf2f9175abfd2eed051f5e9809742a11fd5bfcb60965e
- SHA512
  
  0946b64f197c9607645a98b95f821726a5437cd432c3ba9b8fbb7b86fcd341099e7567a3aef733767151cac263a254de0a4222609d2a58eca7dd06e7e2029e6b
Score

3^/10
behavioral27
- Target
  
  encodings/cp1254.pyc
- Size
  
  2KB
- MD5
  
  0b207fa2a8b0df847a416674b92947e2
- SHA1
  
  dcae04b881d327f8585b12a47195779e827a41f8
- SHA256
  
  86c197d39d8d20e4859a4791eb874a19092ebed86d0130ab2e9d478ac5bca235
- SHA512
  
  2d6edeab93eae560adce5e6e2367049327dd7463d5294ff8de29e13f099ddcfb2fefb7fd9c44acdef63117de8ff03ce8e93793d05aa509e3152c39a7f1b81eb9
Score

3^/10
behavioral28
- Target
  
  encodings/cp1255.pyc
- Size
  
  2KB
- MD5
  
  97bd4dbc05611309a160f9c7299dfc09
- SHA1
  
  36cf3c99dd9ab5fe6bd38a8f873ab3c7b1c6af7f
- SHA256
  
  3397ef2f8a64fbb10e28591a9d859627709584cd5dfd81fd61e9f17cf9a58c75
- SHA512
  
  bfb64e992312430ea8ff3d500e5d99030099ac9e182350153ca794789e8cb00c1ab170bda645aef01d40d36eb5aba5e29038138e7c24ffec6409051eece86cec
Score

3^/10
behavioral29
- Target
  
  Heyo Token fucker/build/hi/hi.exe.manifest
- Size
  
  1KB
- MD5
  
  1e34ca4afe205e80283123e6dd12a6a7
- SHA1
  
  4d244fc2740839ab292e8fbdcb7d975781ef663f
- SHA256
  
  fc387e0a3b99976144cf891da9b48900f39f6db5926ee99730b0c15f6beefee0
- SHA512
  
  7cb8d52344477f60ce23e308886cfcfa995dc5cfc7cae9701b04b7c9dc8807e5f1462e090ed336695173b9894e92729cd6358b9bb56c43e756968e4d96ec7cfa
Score

3^/10
behavioral30
- Target
  
  Heyo Token fucker/build/hi/xref-hi.html
- Size
  
  927KB
- MD5
  
  0f4f4998a7e39ab4fb8143943dfc6ff1
- SHA1
  
  8577cad4833eaa6efb22270311d5d33c34e7c297
- SHA256
  
  84c1ccea45c156cb3e998e93e0f7165596c1bb20b98399487aea7b01a952a231
- SHA512
  
  58717a0ba6470f906a8ca0752b38c3a95fda86c3aca40df800bc46735f1abd6db282e9c1a9e0058c66b22ab3cfd03efab7cc27454571f7f611982c47786ca52e
Score

3^/10
behavioral31
- Target
  
  Heyo Token fucker/heyo multitool.exe
- Size
  
  10.8MB
- MD5
  
  ba23664e0875605cfd70ea9995a034e5
- SHA1
  
  c7ad049e50aa309ad14e0d58747e002e8b13e563
- SHA256
  
  2a0a338458defcb54661e07f6a49a81e849a38068915ae0f08ce6a8807be1005
- SHA512
  
  edd1fc32c27664b902f0ec2d5301c742b839256eaab9cff9ad62a032171a1937d66c969fed657f3f477efb57df710266ca3e1a5d422092ec6eb1ac358a8b7809
Score

3^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32