empyrean | 48261fdcf568067be754fc24035bc0e90d76458c3b556fdd5a3c3644237a45ad | Triage

Submit
Reports

Overview

overview

Static

static

Haze.exe

windows10-1703-x64

7

main.pyc

windows10-1703-x64

3

Sharing

General

Target

Haze.exe
Size

17.7MB
Sample

240125-hjvlksbaaq
MD5

49c19d9d5166b6e716708ccf71c470af
SHA1

edd354754d24ba999b5cfb81eef20093d0513920
SHA256

48261fdcf568067be754fc24035bc0e90d76458c3b556fdd5a3c3644237a45ad
SHA512

cd880ab760b65022c13ddc58c173714555976377facc8d0555aaf0733f2294f8f7724b11e3c89fd22d1000aa0cad156c88b1692b958a3ef6e2bea984512cf125
SSDEEP

393216:2qPnLFXlreQpDOETgsvfGabgwFTvE4ca0+2dq:bPLFXNeQoEnBF4Y0+t

Score

10^/10

empyrean pyinstaller upx

Static task

static1

pyinstaller empyrean

4 signatures

Behavioral task

behavioral1

Sample

Haze.exe

Resource

win10-20231215-en

windows10-1703-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

main.pyc

Resource

win10-20231215-en

windows10-1703-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Haze.exe
- Size
  
  17.7MB
- MD5
  
  49c19d9d5166b6e716708ccf71c470af
- SHA1
  
  edd354754d24ba999b5cfb81eef20093d0513920
- SHA256
  
  48261fdcf568067be754fc24035bc0e90d76458c3b556fdd5a3c3644237a45ad
- SHA512
  
  cd880ab760b65022c13ddc58c173714555976377facc8d0555aaf0733f2294f8f7724b11e3c89fd22d1000aa0cad156c88b1692b958a3ef6e2bea984512cf125
- SSDEEP
  
  393216:2qPnLFXlreQpDOETgsvfGabgwFTvE4ca0+2dq:bPLFXNeQoEnBF4Y0+t
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  main.pyc
- Size
  
  7KB
- MD5
  
  ca32c07492a1fada864d095da592bd7c
- SHA1
  
  4d6fa7821cafc7fc509e309e9ae3e288270d79f9
- SHA256
  
  7309889358df58bf1ddde149d3d3be2befb63a281299e0e45eee00164e96f796
- SHA512
  
  34cbe99a24ec3f8857b66840494bd2bc655bee73a9b21354aed43ba9c1076cf944cd5180eb5fc32d8217e85b3e65082faa14bfd3d0673595e9fec7fd515b7637
- SSDEEP
  
  192:wtLkD8QhYWdXwGYFQaISovJhwJni4MdwhMYnw:CLVWuTF2S+2JBPzw
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallerempyrean

behavioral1

behavioral2

© 2018-2025

Terms | Privacy