11443044649b6f0fb8024d913c42993aae4a37bb9400ec9254635535afa17284 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

pytrojan.exe

windows10-2004-x64

7

Sharing

General

Target

pytrojan.exe
Size

11.8MB
Sample

221201-25ayvaag94
MD5

9b06a98f9e3738ca33bf4be1e7478c31
SHA1

02f1a547a15a983f1b05eb59eb4992239021dcc0
SHA256

11443044649b6f0fb8024d913c42993aae4a37bb9400ec9254635535afa17284
SHA512

c6ad672b0bbdf7ca3a6aca9a84e8e1f17c5ea1d29a2925d0ddbfb2fb7307fa7a68c4be932aea8c08499e1e8f85a56a1af409b10159e01e1e914b27fe0e6f05f7
SSDEEP

196608:WtH6JL2V76+DlNJm3AqQTNfwZHYYX/1q3+dgSfPhZBJHa0W8/LaXzBlu:maJL2V76ml/m3pQBkFq3+d9fXBJHtW8s

Score

7^/10

bootkit persistence pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

pytrojan.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

14 signatures

1800 seconds

Malware Config

Targets

- Target
  
  pytrojan.exe
- Size
  
  11.8MB
- MD5
  
  9b06a98f9e3738ca33bf4be1e7478c31
- SHA1
  
  02f1a547a15a983f1b05eb59eb4992239021dcc0
- SHA256
  
  11443044649b6f0fb8024d913c42993aae4a37bb9400ec9254635535afa17284
- SHA512
  
  c6ad672b0bbdf7ca3a6aca9a84e8e1f17c5ea1d29a2925d0ddbfb2fb7307fa7a68c4be932aea8c08499e1e8f85a56a1af409b10159e01e1e914b27fe0e6f05f7
- SSDEEP
  
  196608:WtH6JL2V76+DlNJm3AqQTNfwZHYYX/1q3+dgSfPhZBJHa0W8/LaXzBlu:maJL2V76ml/m3pQBkFq3+d9fXBJHtW8s
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

© 2018-2025

Terms | Privacy