Overview

overview

10

Static

static

10

antagaonist.exe

windows7-x64

7

antagaonist.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    antagaonist.rar

  • Size

    14.2MB

  • Sample

    240108-z1f8ysbfar

  • MD5

    231b906979c492e7a42f36dc9b5b0563

  • SHA1

    50c776c9f6deb6284b7a8b5351a6408854ed7fa6

  • SHA256

    b9a2e8e5072fff36841654e18300f61b57514e670553e98d08332fce12842765

  • SHA512

    f6a2e6bfc904f870fe81b4e685287971d6fe1aeba1460312b00dcbb14a3c2461e7b73e601eec912b45cba6de5ea2de8ec1d573fc8d027118d8d068d65ae2bd83

  • SSDEEP

    393216:GFrByLxGxV4tSSlpiwf+ASiqrbEUytidqlazZ9eHHqQQx1rU:GFrcLgxV4tSSlhfYiQbLygq0l9eHHlQU

Score
10/10
crealstealerpyinstaller

Malware Config

Targets

    • Target

      antagaonist.exe

    • Size

      14.4MB

    • MD5

      7fd7835215946026612456572996b4a4

    • SHA1

      64b5f2d6a5fd2a36e70436af29deae0ceafbb457

    • SHA256

      6bbd73fb9dbfa61e7e17f94f19087009bdeed47619c7fcdaa790afbd82f020fa

    • SHA512

      d88e622f96631e639f44b516f3c89f1c3547840a3091b3535e0baed921e81e42d37ad1848732e79580ca3cf4347b83a1102678e45474692f3ddc19507f04886f

    • SSDEEP

      393216:/X7QMidQuslSq99oWOv+9fgTz+qk7/MOw:/LQ3dQuSDorvSYTz+b/A

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks