Overview

overview

7

Static

static

3

Prometheus-v2.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Prometheus-v2.exe

  • Size

    20.0MB

  • Sample

    230205-rzslladb9w

  • MD5

    54de040a39104aa92d88e971dcbe8ee3

  • SHA1

    c6d5c44272cdcd475491b9c16edb7dd698e8cdce

  • SHA256

    14ddebbe4dd91a64df82b1224c4a811a01f411b087f7091cd609d4b1606c907f

  • SHA512

    193f5b7af502a2aec1a9f973d82bc582cf14b9aa6c710ef5a94a25b31d4017f7c49b6e6599d582e05c96f73b38e83d6543bc58a558b9e7872f6c3a563c1d0981

  • SSDEEP

    393216:w/OyazuXZZIKdQuslN/m3puIwdCJ4/q3+d9yV4aMR/5kcwW8anYGGBqs2:w2xzuJtdQu4Kux64SOd9ySYcwW883Aqs

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      Prometheus-v2.exe

    • Size

      20.0MB

    • MD5

      54de040a39104aa92d88e971dcbe8ee3

    • SHA1

      c6d5c44272cdcd475491b9c16edb7dd698e8cdce

    • SHA256

      14ddebbe4dd91a64df82b1224c4a811a01f411b087f7091cd609d4b1606c907f

    • SHA512

      193f5b7af502a2aec1a9f973d82bc582cf14b9aa6c710ef5a94a25b31d4017f7c49b6e6599d582e05c96f73b38e83d6543bc58a558b9e7872f6c3a563c1d0981

    • SSDEEP

      393216:w/OyazuXZZIKdQuslN/m3puIwdCJ4/q3+d9yV4aMR/5kcwW8anYGGBqs2:w2xzuJtdQu4Kux64SOd9ySYcwW883Aqs

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks