General

  • Target

    324.exe

  • Size

    90KB

  • Sample

    230903-3kxgsada52

  • MD5

    93cadced57b175ac4e11abc0b99976dc

  • SHA1

    f475cc1604d3475e4df9523f4569d068d017865b

  • SHA256

    1aa384a4dc67976a8bedff837181b2ba35909ab9c1d0a3f4678caf862f7ef79a

  • SHA512

    fc36358ac5e95e0cb46942ff3a26264c6203d053169308482d14d496cf689ddf45230f32be5e8fa596d52543932e978fb6ae0f1b4a815d84ecb4a507b024144a

  • SSDEEP

    1536:z7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIf7wBbOB:v7DhdC6kzWypvaQ0FxyNTBf7u2

Targets

    • Target

      324.exe


    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Contacts a large number (921) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
