General

  • Target

    test.exe

  • Size

    5.7MB

  • Sample

    230414-3q9pascd56

  • MD5

    72de7087af7f11c524d005477074f078

  • SHA1

    0b748ac6f573e28b6b3f10e5ae61c2431f09eaee

  • SHA256

    687db9c3f39c1996c4835d8dbb053ea57cdddcd29c5346349a0a8059725de9f3

  • SHA512

    84d39c28abd8c24d5e7d40c3132cdd75ffe0b14cbc8036f3dfa2138b5944d9c1a5767009c0e71f6ba222df42c009261cf64a9d1628759527c8b5fd81963e84c7

  • SSDEEP

    98304:4o5wZh2uW5MI079g+D3O7/Xuy/+7F+7cETACV10bmv6k5Dcu:4gwZEL2V76+D3c/f/+ScEj10iiyDc

Score
8/10

Malware Config

Targets

    • Target

      test.exe

    • Size

      5.7MB

    • MD5

      72de7087af7f11c524d005477074f078

    • SHA1

      0b748ac6f573e28b6b3f10e5ae61c2431f09eaee

    • SHA256

      687db9c3f39c1996c4835d8dbb053ea57cdddcd29c5346349a0a8059725de9f3

    • SHA512

      84d39c28abd8c24d5e7d40c3132cdd75ffe0b14cbc8036f3dfa2138b5944d9c1a5767009c0e71f6ba222df42c009261cf64a9d1628759527c8b5fd81963e84c7

    • SSDEEP

      98304:4o5wZh2uW5MI079g+D3O7/Xuy/+7F+7cETACV10bmv6k5Dcu:4gwZEL2V76+D3c/f/+ScEj10iiyDc

    Score
    8/10

    • Disables Task Manager via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks