General
-
Target
4f071935b4f40c97af5430c04763dd123bed3fcb95e7c1b1522785eba0fd8d94
-
Size
15.1MB
-
Sample
231207-pnawasaf33
-
MD5
8fbc7abf152534ed4f67bd79c9e1bd91
-
SHA1
ee0bab13a3340d4a7de054cce084861745bd4fa7
-
SHA256
4f071935b4f40c97af5430c04763dd123bed3fcb95e7c1b1522785eba0fd8d94
-
SHA512
131a308196766b3e77550444c73744844762e278573e8266155c9fa5226130afc7db454dbc73ceee6261340d169696ef3e68ea9f720f7893cff7ef5449e3ed74
-
SSDEEP
393216:SC5bXGDyZGUGaoJTeeLuSNPYzCskmsOKzI7hm2h/:Zb9ZGUGaoJ1JYfnKkdm2B
Static task
static1
Behavioral task
behavioral1
Sample
Psiphon 3.180.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
Psiphon 3.180.exe
Resource
win10v2004-20231130-en
Behavioral task
behavioral3
Sample
_Silent Install.cmd
Resource
win7-20231130-en
Behavioral task
behavioral4
Sample
_Silent Install.cmd
Resource
win10v2004-20231130-en
Behavioral task
behavioral5
Sample
_Unpack Portable.cmd
Resource
win7-20231023-en
Behavioral task
behavioral6
Sample
_Unpack Portable.cmd
Resource
win10v2004-20231130-en
Malware Config
Targets
-
Target
Psiphon 3.180.exe
-
Size
15.2MB
-
MD5
c100e968a91a576724033467b2163e38
-
SHA1
de37803bfd9f016af512208ae06296a55d389b74
-
SHA256
6fa6c7ad84d8cf15ad5a1f50685857ddbe4c7a4b055ff4433803487016553fc1
-
SHA512
d5a09600a0a4152c16b18f0dd9770d34364cd3d91d9e27cac16c88d7ed9800618245926dac930f1f6f363e6378a360950813ff0759837ceab509505c69e76e5f
-
SSDEEP
393216:rIB8BjPaVYRdSIxwo9nyf6QWMmsqVEtrMKr6:y8sVYR3Jy7HqqlMKG
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Target
_Silent Install.cmd
-
Size
1KB
-
MD5
49250755d31d59d1506c4bc9dc3076ae
-
SHA1
4bd58bb36e82c5f84483a608d18342bf7663ad84
-
SHA256
fe2e6af340c845688abd9c1a19fdcfcc7e8817a3535f6139cc119eaa94dc55e0
-
SHA512
cc2e6be6d4c726f1bdacc034f81a8403468f3d9a1c40fdb5b3dee6897a6b402c98e1ef7534b7f45462a96f0d81a291d89543e12c1ac7381be05e7fa0a66e0ee5
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Target
_Unpack Portable.cmd
-
Size
1KB
-
MD5
03a0cc3243319d45abe3fb7994d2f9a8
-
SHA1
cb006d74666c921a05daa6f278626831d0ee44b9
-
SHA256
a6e3fa0747ac7babc9bb1d6bf51aef9d33c02621083f8747bc2a3b5eac53c823
-
SHA512
44e7bb06f729fb6959e0d67b16d5aa1eeca7372c6f5656aadac0e63c5aa5ed9da9b8f08eb63803c10d1e5b8d61a983c604d13b7a65c5013a968fe0cd485eb349
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-