Overview

overview

3

Static

static

3

TO PC/TO PC.exe

windows10-2004_x64

TO PC/VCRU...40.dll

windows10-2004_x64

3

TO PC/_asyncio.dll

windows10-2004_x64

3

TO PC/_bz2.dll

windows10-2004_x64

3

TO PC/_ctypes.dll

windows10-2004_x64

3

TO PC/_decimal.dll

windows10-2004_x64

3

TO PC/_hashlib.dll

windows10-2004_x64

3

TO PC/_lzma.dll

windows10-2004_x64

3

TO PC/_mul...ng.dll

windows10-2004_x64

3

TO PC/_overlapped.dll

windows10-2004_x64

3

TO PC/_queue.dll

windows10-2004_x64

3

TO PC/_ssl.dll

windows10-2004_x64

1

TO PC/libc..._1.dll

windows10-2004_x64

3

TO PC/libffi-7.dll

windows10-2004_x64

3

TO PC/libssl-1_1.dll

windows10-2004_x64

1

TO PC/pyexpat.dll

windows10-2004_x64

3

TO PC/python39.dll

windows10-2004_x64

3

TO PC/select.dll

windows10-2004_x64

3

TO PC/unicodedata.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TO PC.rar

  • Size

    6.3MB

  • Sample

    220512-spz4cshge9

  • MD5

    008aa651bc229cd5ce32e11959431413

  • SHA1

    b3902e8981b6eb94ede8d686b94b7206041712d1

  • SHA256

    48e7e1700010c25662ae7324d7798570e95d7227ef74a4fadf7b7d6e695b5a96

  • SHA512

    2764a4a7271ec7061e7efdd9bcb4a227cc3d3e6424f92de627533798d094d5f753db5adaa8ed0566a5e565bbe4b785dc43f97a2fa3ef5611890118eea28437d4

Score
3/10
pyinstaller

Malware Config

Targets

    • Target

      TO PC/TO PC.exe

    • Size

      2.0MB

    • MD5

      af5ac468347f80de80f7c8414b8980b7

    • SHA1

      9e7491adaac59c07664b5b0935676b053597eb71

    • SHA256

      c0c960c3339aa936e0459ff424d5babdcc081fc0414d23c5807aa3bb2f3cc427

    • SHA512

      4a91d6cae1734a41c69ebc75b0a4c3967a6913c50bf0bd5a8c69d34928ba6e4a8148ac89ed9ddc63900eaf8e0932fa2cfbd6faa3bbea7f3dc24b8e62501c5642

    Score
    1/10
    behavioral1

    • Target

      TO PC/VCRUNTIME140.dll

    • Size

      93KB

    • MD5

      4a365ffdbde27954e768358f4a4ce82e

    • SHA1

      a1b31102eee1d2a4ed1290da2038b7b9f6a104a3

    • SHA256

      6a0850419432735a98e56857d5cfce97e9d58a947a9863ca6afadd1c7bcab27c

    • SHA512

      54e4b6287c4d5a165509047262873085f50953af63ca0dcb7649c22aba5b439ab117a7e0d6e7f0a3e51a23e28a255ffd1ca1ddce4b2ea7f87bca1c9b0dbe2722

    Score
    3/10
    behavioral2

    • Target

      TO PC/_asyncio.pyd

    • Size

      63KB

    • MD5

      86c1fa7f84e05043885f0e510508d409

    • SHA1

      397806fdb6dbf7c513c18b0e56032e0eddf4a250

    • SHA256

      69a7e18b4284aee2d796320cb81079ed4419d643dc58f342e2bee83eef1f215b

    • SHA512

      9be67af77324add7641d1d8717a8037abc7d71573310b2df593b6d502193ce07f7a17496ed6b01546d3b9428eac1d043f8decf25be663f14d20c1402b162c76a

    Score
    3/10
    behavioral3

    • Target

      TO PC/_bz2.pyd

    • Size

      84KB

    • MD5

      e91b4f8e1592da26bacaceb542a220a8

    • SHA1

      5459d4c2147fa6db75211c3ec6166b869738bd38

    • SHA256

      20895fa331712701ebfdbb9ab87e394309e910f1d782929fd65b59ed76d9c90f

    • SHA512

      cb797fa758c65358e5b0fef739181f6b39e0629758a6f8d5c4bd7dc6422001769a19df0c746724fb2567a58708b18bbd098327bfbdf3378426049b113eb848e9

    Score
    3/10
    behavioral4

    • Target

      TO PC/_ctypes.pyd

    • Size

      124KB

    • MD5

      6fe3827e6704443e588c2701568b5f89

    • SHA1

      ac9325fd29dead82ccd30be3ee7ee91c3aaeb967

    • SHA256

      73acf2e0e28040cd696255abd53caaa811470b17a07c7b4d5a94f346b7474391

    • SHA512

      be2502c006a615df30e61bea138bd1afca30640f39522d18db94df293c71df0a86c88df5fd5d8407daf1ccea6fac012d086212a3b80b8c32ede33b937881533a

    Score
    3/10
    behavioral5

    • Target

      TO PC/_decimal.pyd

    • Size

      264KB

    • MD5

      65287fd87a64bc756867a1afddec9e29

    • SHA1

      cda1db353f81df7a4a818add8f87bca9ac840455

    • SHA256

      df19c2e6ec3145166fa8d206c11db78bc1979a027105c4f21d40410b5082ba34

    • SHA512

      3e3f19cf965b260ffc68e45d5101234e8a957411c076a0d487d307dcfa714a9801cb501224fe7621937aebdf90275f655c8a70dd6675bcfb5374404fda53236f

    Score
    3/10
    behavioral6

    • Target

      TO PC/_hashlib.pyd

    • Size

      64KB

    • MD5

      7c69cb3cb3182a97e3e9a30d2241ebed

    • SHA1

      1b8754ff57a14c32bcadc330d4880382c7fffc93

    • SHA256

      12a84bacb071b1948a9f751ac8d0653ba71a8f6b217a69fe062608e532065c20

    • SHA512

      96dbabbc6b98d473cbe06dcd296f6c6004c485e57ac5ba10560a377393875192b22df8a7103fe4a22795b8d81b8b0ae14ce7646262f87cb609b9e2590a93169e

    Score
    3/10
    behavioral7

    • Target

      TO PC/_lzma.pyd

    • Size

      159KB

    • MD5

      493c33ddf375b394b648c4283b326481

    • SHA1

      59c87ee582ba550f064429cb26ad79622c594f08

    • SHA256

      6384ded31408788d35a89dc3f7705ea2928f6bbdeb8b627f0d1b2d7b1ea13e16

    • SHA512

      a4a83f04c7fc321796ce6a932d572dca1ad6ecefd31002320aeaa2453701ed49ef9f0d9ba91c969737565a6512b94fbb0311aee53d355345a03e98f43e6f98b2

    Score
    3/10
    behavioral8

    • Target

      TO PC/_multiprocessing.pyd

    • Size

      29KB

    • MD5

      9dbdad4f13b8e097d6af69085c2dc3b1

    • SHA1

      7da46e5c06818fea1f548786f06cb5e461966164

    • SHA256

      a1fecbda3b6c6fbd6b231e259f556e9543c9b87f1e976f3be13032475b328e3e

    • SHA512

      4412d67f056fd20e76d69652bb4f6621e93c60cdb6bce3ab278d27f52521ae92f02fd0ed4b02d2672d4d2be70020961cfd24700f8b638b12772d766cd184aa75

    Score
    3/10
    behavioral9

    • Target

      TO PC/_overlapped.pyd

    • Size

      45KB

    • MD5

      0d41b13272bdf3655470f280009a67e5

    • SHA1

      47285ca0a012fa747ec0f441266c88792847842b

    • SHA256

      8cd7e2c9892146816357c3e045ab7571959f6355f17a2cc6d8e72c184d67be2d

    • SHA512

      2db7d0f2210798bba2fd416876ee2f212c1d153d839f38660e7d0c6e2b5e51d96c7d400b3a477da02aa5027a3701da4341bf96a393997851c79a2ae9fb686945

    Score
    3/10
    behavioral10

    • Target

      TO PC/_queue.pyd

    • Size

      28KB

    • MD5

      103a38f7fbf0da48b8611af309188011

    • SHA1

      1db9e2cb2a92243da12efdca617499eb93ddcbf8

    • SHA256

      3bc50ac551635b9ce6fbcddea5d3d621c1216e49e9958fa24546ab8f6f2d111a

    • SHA512

      2e6c4b9786034cbf6a6d94761ed31807657ee10edd679147c838a2e6e97a0c13acd6e59bc6e69edf1ca725f12e0f972a0de0ae4b331da46dccd687c59096a250

    Score
    3/10
    behavioral11

    • Target

      TO PC/_ssl.pyd

    • Size

      151KB

    • MD5

      34b1d4db44fc3b29e8a85dd01432535f

    • SHA1

      3189c207370622c97c7c049c97262d59c6487983

    • SHA256

      e4aa33b312cec5aa5a0b064557576844879e0dccc40047c9d0a769a1d03f03f6

    • SHA512

      f5f3dcd48d01aa56bd0a11eee02c21546440a59791ced2f85cdac81da1848ef367a93ef4f10fa52331ee2edea93cbcc95a0f94c0ccefa5d19e04ae5013563aee

    Score
    1/10
    behavioral12

    • Target

      TO PC/libcrypto-1_1.dll

    • Size

      3.2MB

    • MD5

      89511df61678befa2f62f5025c8c8448

    • SHA1

      df3961f833b4964f70fcf1c002d9fd7309f53ef8

    • SHA256

      296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf

    • SHA512

      9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668

    Score
    3/10
    behavioral13

    • Target

      TO PC/libffi-7.dll

    • Size

      32KB

    • MD5

      eef7981412be8ea459064d3090f4b3aa

    • SHA1

      c60da4830ce27afc234b3c3014c583f7f0a5a925

    • SHA256

      f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    • SHA512

      dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Score
    3/10
    behavioral14

    • Target

      TO PC/libssl-1_1.dll

    • Size

      674KB

    • MD5

      50bcfb04328fec1a22c31c0e39286470

    • SHA1

      3a1b78faf34125c7b8d684419fa715c367db3daa

    • SHA256

      fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9

    • SHA512

      370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685

    Score
    1/10
    behavioral15

    • Target

      TO PC/pyexpat.pyd

    • Size

      187KB

    • MD5

      96d55e550eb6f991783ece2bca53583d

    • SHA1

      7b46eaae4e499a1f6604d3c81a85a0b827cc0b9e

    • SHA256

      f5d8188c6674cbd814abd1e0dd4e5a8bfadb28e31b5088ae6c4346473b03d17e

    • SHA512

      254b926690a565bc31cae88183745397c99d00b5d5417ab517a8762c8874dff8fcc30a59bda1cd41b0e19e2d807ac417293a3a001005996a5d4db43b9b14d5eb

    Score
    3/10
    behavioral16

    • Target

      TO PC/python39.dll

    • Size

      4.3MB

    • MD5

      5cd203d356a77646856341a0c9135fc6

    • SHA1

      a1f4ac5cc2f5ecb075b3d0129e620784814a48f7

    • SHA256

      a56afcf5f3a72769c77c3bc43c9b84197180a8b3380b6258073223bfd72ed47a

    • SHA512

      390008d57fa711d7c88b77937bf16fdb230e7c1e7182faea6d7c206e9f65ced6f2e835f9da9befb941e80624abe45875602e0e7ad485d9a009d2450a2a0e0f1f

    Score
    3/10
    behavioral17

    • Target

      TO PC/select.pyd

    • Size

      28KB

    • MD5

      0e3cf5d792a3f543be8bbc186b97a27a

    • SHA1

      50f4c70fce31504c6b746a2c8d9754a16ebc8d5e

    • SHA256

      c7ffae6dc927cf10ac5da08614912bb3ad8fc52aa0ef9bc376d831e72dd74460

    • SHA512

      224b42e05b4dbdf7275ee7c5d3eb190024fc55e22e38bd189c1685efee2a3dd527c6dfcb2feeec525b8d6dc35aded1eac2423ed62bb2599bb6a9ea34e842c340

    Score
    3/10
    behavioral18

    • Target

      TO PC/unicodedata.pyd

    • Size

      1.1MB

    • MD5

      7af51031368619638cca688a7275db14

    • SHA1

      64e2cc5ac5afe8a65af690047dc03858157e964c

    • SHA256

      7f02a99a23cc3ff63ecb10ba6006e2da7bf685530bad43882ebf90d042b9eeb6

    • SHA512

      fbde24501288ff9b06fc96faff5e7a1849765df239e816774c04a4a6ef54a0c641adf4325bfb116952082d3234baef12288174ad8c18b62407109f29aa5ab326

    Score
    3/10
    behavioral19

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks