Overview

overview

9

Static

static

3

ce5cf3b964...db.exe

windows7-x64

9

ce5cf3b964...db.exe

windows10-2004-x64

7

098dfbe8ed...18.pyc

windows7-x64

3

098dfbe8ed...18.pyc

windows10-2004-x64

3

Resubmissions

03-08-2023 10:09

230803-l66h5scg59 9

03-08-2023 08:13

230803-j4rabscb95 9

03-08-2023 08:07

230803-jz65zscb64 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ce5cf3b964e636d546bf2c52423296bda06b7fe47e6f8a757f165a3be93c88db

  • Size

    6.1MB

  • Sample

    230803-jz65zscb64

  • MD5

    a0fea954561663f60059420e6c78fa5c

  • SHA1

    d5d37ae269008e9bfddc171c3b05bd3d43a5cd4d

  • SHA256

    ce5cf3b964e636d546bf2c52423296bda06b7fe47e6f8a757f165a3be93c88db

  • SHA512

    bda26b069df556e88a763c3fc77990d13c73b2d314333db60ec8fc06091fd656c235fbd46eb8c2ea5287fcdbbb413cb3a550f2475a4ad95894a67ae5b130df50

  • SSDEEP

    196608:iMa/eLKguAgyc2gcnhcPQwjQwX746VYx:zuAs2guc4FfNx

Score
9/10
pyinstallerransomwarespywarestealer

Malware Config

Targets

    • Target

      ce5cf3b964e636d546bf2c52423296bda06b7fe47e6f8a757f165a3be93c88db

    • Size

      6.1MB

    • MD5

      a0fea954561663f60059420e6c78fa5c

    • SHA1

      d5d37ae269008e9bfddc171c3b05bd3d43a5cd4d

    • SHA256

      ce5cf3b964e636d546bf2c52423296bda06b7fe47e6f8a757f165a3be93c88db

    • SHA512

      bda26b069df556e88a763c3fc77990d13c73b2d314333db60ec8fc06091fd656c235fbd46eb8c2ea5287fcdbbb413cb3a550f2475a4ad95894a67ae5b130df50

    • SSDEEP

      196608:iMa/eLKguAgyc2gcnhcPQwjQwX746VYx:zuAs2guc4FfNx

    Score
    9/10
    ransomwarespywarestealer

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

    • Target

      098dfbe8edd22b4f2feb413527e4d318.pyc

    • Size

      431KB

    • MD5

      f75e31e405f83ea18f457a99d611f2c5

    • SHA1

      5cf321fc5bbdff58bad7b54dd6cfef164e84c3c4

    • SHA256

      6596c9f4a0f2bec3b5e52654e929ddfb3246f2a9def698bcd7908bbca4b30d12

    • SHA512

      9f05d2be142ee9039b82dffda3241f80b24d3552c50ba4d0d695153e4feca0700ee705e106d6b7d914a4e24f46245fb6f82bcb02fd17d1d577d93026c370a6ed

    • SSDEEP

      12288:IVA8g5my1hA8/cnrdAXqNnco291Jzq2QJZKy:eHg5DAlrxnqPzS

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

2
T1070

File Deletion

2
T1070.004

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Inhibit System Recovery

2
T1490

Resource Development

Reconnaissance

Tasks