General

  • Target

    Auto-Scraper-V2_1.zip

  • Size

    3KB

  • Sample

    240115-bd13vafcf6

  • MD5

    ea6d25e45b692cb7a7ce1375f2080c5d

  • SHA1

    1491e73b1c525649950700ff2f470d296d4fe849

  • SHA256

    243c97bf946bb4e45e82f819220af83bf0d205332b18d95011fefb4fe35d14f2

  • SHA512

    e2e4ac57fb151684711154e66a16f6413a2865a497f2370d6ac8172065e9ac8473d0d2c12110c3a9b88cabab8159a348c0239ad0704942cc8996a0eff0a0c079

Targets

    • Target

      main.py

    • Size

      10KB

    • MD5

      d4651c786df7bf1c73d536861eae27a2

    • SHA1

      b4c7692787a34f6dfc28aba5fefc7bf76a2f6713

    • SHA256

      73d3ae0a2f0054fc43a0a116c55da5004ce75445064e82c4d388adefc1f11c92

    • SHA512

      67fed6c94b61dec4f7f4a3dc6addd7f3717b8c31e952b22ffbffe37124637f7c6e46f939becefaac415743559549d6b1088142e1cef6a8d92df33f730c8eb10a

    • SSDEEP

      192:CFCcdr55NQJ4HsJgDpCU2jUqhWoKdaQ0OLdoDm7KGJ2onorhlNtsQWGIgtepiOPW:CM8QJ4HsJgDpCU2jUqhWo6aRqd1ZotFr

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
