f4d23ab6ba5830822b4bbe16bd3e162669b5b01a86235ef29d7c1ee6a953a475 | Triage

Sharing

General

Target

TDRB.exe
Size

8.8MB
Sample

240201-zbnazagaaj
MD5

ece938da04c98c2f8b46a873b67fd0a7
SHA1

30d793d577a87f77e8c71d10f3c66d1b4fa34bf1
SHA256

f4d23ab6ba5830822b4bbe16bd3e162669b5b01a86235ef29d7c1ee6a953a475
SHA512

1cd4373c08fdaa469464240e75ea3eafff1f9da8429c97ac3e39009abe2c2e79b64cfb5f1c8617aa39df4adc8b51c42f8f83fe3baff828fe7491b7872e3a26fc
SSDEEP

196608:vfOMfHd2H5NDil9LgQY7dQmRJ8dA6lAIkaqdVTk2L8AebLsnk:Oc9QDD5dQuslAIwdcuk

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  TDRB.exe
- Size
  
  8.8MB
- MD5
  
  ece938da04c98c2f8b46a873b67fd0a7
- SHA1
  
  30d793d577a87f77e8c71d10f3c66d1b4fa34bf1
- SHA256
  
  f4d23ab6ba5830822b4bbe16bd3e162669b5b01a86235ef29d7c1ee6a953a475
- SHA512
  
  1cd4373c08fdaa469464240e75ea3eafff1f9da8429c97ac3e39009abe2c2e79b64cfb5f1c8617aa39df4adc8b51c42f8f83fe3baff828fe7491b7872e3a26fc
- SSDEEP
  
  196608:vfOMfHd2H5NDil9LgQY7dQmRJ8dA6lAIkaqdVTk2L8AebLsnk:Oc9QDD5dQuslAIwdcuk
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  tdrb.pyc
- Size
  
  4KB
- MD5
  
  6010cd1e214c891ebed1b622c6cc308f
- SHA1
  
  bfa4d55dc5904a9c4e9d4a7c9e5f58722483a401
- SHA256
  
  35e3a361541e993a4321bdf37475b46cd4db80230826ea5a733b3f8fb10aae90
- SHA512
  
  7ce22c6c62df2a2f87843033b8db567e66ecad418916c4bf964baf21e7349ea611c3e4c2c0b4b6953f4a1641af4b2c114f6911852541580649ea67f7569ca486
- SSDEEP
  
  96:+2glWaKApaKl1Z03h/In2f8DHIKYKen3V:8p2pTkDHIKFi3V
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4