Malware Analysis Report

2024-11-30 12:35

Sample ID 231020-p89kcsda26
Target RC7.exe
SHA256 9a7a2044f27578e43db777525f488e1beb53761afd19ff6bf38f334876045b7a
Tags
pyinstaller pysilon
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

9a7a2044f27578e43db777525f488e1beb53761afd19ff6bf38f334876045b7a

Threat Level: Known bad

The file RC7.exe was found to be: Known bad.

Malicious Activity Summary

pyinstaller pysilon

Detect Pysilon

Pysilon family

Detects Pyinstaller

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-10-20 13:01

Signatures

Detect Pysilon

Description Indicator Process Target
N/A N/A N/A N/A

Pysilon family

pysilon

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-10-20 13:01

Reported

2023-10-20 13:02

Platform

win10v2004-20230915-en

Max time kernel

33s

Max time network

55s

Command Line

"C:\Users\Admin\AppData\Local\Temp\RC7.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\RC7.exe

"C:\Users\Admin\AppData\Local\Temp\RC7.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp

Files

N/A