d99bf38cb207b2d5824898f2a9f2a15cc18635380087b4800e8b3e14594a7376 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

My Logo.txt

windows10-2004-x64

8

Sharing

General

Target

My Logo.txt
Size

810B
Sample

230510-rr8ylsge35
MD5

49e17e34956aa9f53d0b0f6c60676227
SHA1

69ad883d69792b67fa9e227bb22c011f20c6b645
SHA256

d99bf38cb207b2d5824898f2a9f2a15cc18635380087b4800e8b3e14594a7376
SHA512

bdcc1563be6a7328aa75722425fcd0c8e0812c9ca04e619ae089a7c464e2d6979dfb1b92d7af85e404b894e3462347911cd8563e7e8032e3275970f2e1c8df25

Score

8^/10

persistence pyinstaller

Static task

static1

Behavioral task

behavioral1

Sample

My Logo.txt

Resource

win10v2004-20230221-en

persistence pyinstaller

windows10-2004-x64

21 signatures

1800 seconds

Malware Config

Targets

- Target
  
  My Logo.txt
- Size
  
  810B
- MD5
  
  49e17e34956aa9f53d0b0f6c60676227
- SHA1
  
  69ad883d69792b67fa9e227bb22c011f20c6b645
- SHA256
  
  d99bf38cb207b2d5824898f2a9f2a15cc18635380087b4800e8b3e14594a7376
- SHA512
  
  bdcc1563be6a7328aa75722425fcd0c8e0812c9ca04e619ae089a7c464e2d6979dfb1b92d7af85e404b894e3462347911cd8563e7e8032e3275970f2e1c8df25
Score

8^/10

persistence pyinstaller
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops Chrome extension
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Web Service

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

persistencepyinstaller

© 2018-2025

Terms | Privacy