e3e65686d42cf133c5ceb19e101515553160b57d4b08deabb05e1710131d6dd9 | Triage

Sharing

General

Target

bionic.exe
Size

23.3MB
Sample

231009-ramztadc31
MD5

fb1fd3d0b3802461df17201c00bc6f3e
SHA1

81b945821342a2649d0b20c4de40d6abd281f272
SHA256

e3e65686d42cf133c5ceb19e101515553160b57d4b08deabb05e1710131d6dd9
SHA512

26531dc7c8167d7f3e0e24e97cec27095488c199ad44de59a860f99ce69ad5e6218ebbc70c585cdebcf464fd41d7eec21bdd1c8bfae3c85b225b10d3bb727411
SSDEEP

393216:LiIE7Yogq9c5hlERc1OPVFfdaP8eJVsB79o5Yk2mLK3dYuAdZYyQ6rqkKleahL6R:47rgGEhkTPVFfdoeUrLGrAdZvWkKlPhk

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  bionic.exe
- Size
  
  23.3MB
- MD5
  
  fb1fd3d0b3802461df17201c00bc6f3e
- SHA1
  
  81b945821342a2649d0b20c4de40d6abd281f272
- SHA256
  
  e3e65686d42cf133c5ceb19e101515553160b57d4b08deabb05e1710131d6dd9
- SHA512
  
  26531dc7c8167d7f3e0e24e97cec27095488c199ad44de59a860f99ce69ad5e6218ebbc70c585cdebcf464fd41d7eec21bdd1c8bfae3c85b225b10d3bb727411
- SSDEEP
  
  393216:LiIE7Yogq9c5hlERc1OPVFfdaP8eJVsB79o5Yk2mLK3dYuAdZYyQ6rqkKleahL6R:47rgGEhkTPVFfdoeUrLGrAdZvWkKlPhk
Score

7^/10
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  Genio.pyc
- Size
  
  14KB
- MD5
  
  f3a559889aa2a69d3af4523f9b9cd332
- SHA1
  
  6a10ee7cbf4792a52064f338b805ff2eb57acd02
- SHA256
  
  208ac99a1bf812b6170351c7aaa990c385d0d475047df3fd04afebe9905599d1
- SHA512
  
  950d3315f547acce8cd84fbdee50a0822d50307d36cd484cb6f111ba0bfde8cb3199914118013f5faefee88d977e26920549470c2445cf3085c066e4dc06bc67
- SSDEEP
  
  384:joLCmP0IfbMFHizzpWFIblQ70945nuZqyh6nCaen:jo3P0cCQT6u16sn
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4