5a98f874c08f5e440420638e94ba8048238f761121941ab48702caa3ec51615b | Triage

Sharing

General

Target

tristan.exe
Size

18.0MB
Sample

240221-s714daac8y
MD5

14f950de43edfe338769ea8abb763c1d
SHA1

9f07f131abf9cf0f45b50858da3fcf4eacd934b3
SHA256

5a98f874c08f5e440420638e94ba8048238f761121941ab48702caa3ec51615b
SHA512

4b882dc125fdef994879e69e4fe6957cb3f4afaed3ee019e302c3f93e76e45226f5467f68533a245fde94c1e82b655dc23e0d8ebaa388103e6ad2e4fce8caaec
SSDEEP

393216:9/OL3/dzgf8iVSo03kiJoX1+TtIiFHuvB5IjWqn6eCz1+ymWX8Wjs+da:wpbiwo03kiuX1QtIaS3ILn6e/ymJes+

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  tristan.exe
- Size
  
  18.0MB
- MD5
  
  14f950de43edfe338769ea8abb763c1d
- SHA1
  
  9f07f131abf9cf0f45b50858da3fcf4eacd934b3
- SHA256
  
  5a98f874c08f5e440420638e94ba8048238f761121941ab48702caa3ec51615b
- SHA512
  
  4b882dc125fdef994879e69e4fe6957cb3f4afaed3ee019e302c3f93e76e45226f5467f68533a245fde94c1e82b655dc23e0d8ebaa388103e6ad2e4fce8caaec
- SSDEEP
  
  393216:9/OL3/dzgf8iVSo03kiJoX1+TtIiFHuvB5IjWqn6eCz1+ymWX8Wjs+da:wpbiwo03kiuX1QtIaS3ILn6e/ymJes+
Score

7^/10
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2
- Target
  
  tristan.pyc
- Size
  
  69KB
- MD5
  
  25893a780ca773b260dc474ce01d94b3
- SHA1
  
  cd41c4ff0d8aa7c6172c49e8a18ccf680c602c5c
- SHA256
  
  442d3b244861d32864fb17a380e2c43495e3c4f38591200472afff27083410aa
- SHA512
  
  25399a200286bb25781a5f33933c6c866660c6ed525c53fdf40300ae944dcee595ae6f5f9905dc40f08c19082285b52b0f1b6c7a26abe76c6bbcf97ab9aa9b42
- SSDEEP
  
  768:kNs8S3Irw/gMxvCWUL8OsvPi3K2nFcWAXTxcPdCA79/GleK1AnjdRnrBIUy:k2IrYv+SNxjlJKpVrm
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4