General

  • Target

    MoneyPrinterV2-main.zip

  • Size

    58KB

  • Sample

    240302-q5e21sec54

  • MD5

    bbd1a2d7c56bfd08576f9b6181c1f7bc

  • SHA1

    465447922a07949f337a309459745f0df4d449f2

  • SHA256

    354f58076d89492a4981405a3c62f569be8a7505beca5f9443a9b649f8c6bbd7

  • SHA512

    a8d08812c6001c1971e03723b13ecdd8c6ca0534579c50e78223d60501205393f3b2fc5b81795132d801a7386e69a0ba36284e3a5bacd41399f810c2c8b24487

  • SSDEEP

    1536:2XFFRygJob+HaAZjfUWtt4nBop5hloXE/1XSFgMoKoyQThCn:E5yksrAZNWB+5hGXE/MDkTM

Targets

    • Target

      MoneyPrinterV2-main/scripts/upload_video.sh

    • Size

      774B

    • MD5

      d296c06da075d564a926414343f5df04

    • SHA1

      ddcfb90c6bea4fd0afd9d845ac0c4a2e3cfdf9e5

    • SHA256

      ae7f4444a29820daf4d1a6b3aff0d4f221e983958f306ad3cd0830e9d4a398aa

    • SHA512

      a5f23047f818840c2bed0a695a5d1fc75700613f5b8e81769dc4ca40acfc16e341f3ef35e72d174cab2dc89b009284e3e9786010e6ff84a634d66aafae94d501

    Score
    1/10
    • Target

      MoneyPrinterV2-main/src/art.py

    • Size

      282B

    • MD5

      e640a9991bdadb6e30ea7f17175cdd9b

    • SHA1

      d5b7a6ae8a07291367970edb602f3fbd14403a3f

    • SHA256

      f6748581f4e8bf5b6814c29830f991fc1b75f8bb7163660ebeab706c4b9a24ca

    • SHA512

      5f7e5879f9994f7be816cbeaac0dc63570d06a6bfe24cda19407d5f448bcdad0303ab39b15b463389690d5939be52188d77458d40b0f77a79297e3de6b7b3d5d

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      MoneyPrinterV2-main/src/cache.py

    • Size

      4KB

    • MD5

      472065301b96ab2d991267913ab471ea

    • SHA1

      ed2e475292e8c4e5c74d00705e73fb58e3e953f8

    • SHA256

      04f2bed94f992183034e4a6f2faf8e493c03b84f5c09a4e4fe153113e753b360

    • SHA512

      288294e75c46dad3d2333946bc5ec1733dce51b5f534ec11da270ed1c31c91c8fbce330d019d0420f5facfaa84254dc7efa4139e22211911fb5bb48e3961fedc

    • SSDEEP

      96:CQMDW2VMD4C9MDL/HMDNuKoNS1KNcpHSwZW5pxYW+MD0h:CNW284CUL/mN0FFL0h

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/classes/AFM.py

    • Size

      4KB

    • MD5

      0d7b4d474580fa63d20acbca54882707

    • SHA1

      adad73ee6033324168bc0551b0e439df74406503

    • SHA256

      b5dc6b8fecadd2b983ec4e10909efd854de374899653bd022a9016215518eb85

    • SHA512

      bf5f5e6c5efbac65541763cc21cf619beb8574b42916b64bb3798ee299f895c732e6ad150d8b66ae33e9bccc9f1fde9fd6f092988498895fe1ff536751fcbb77

    • SSDEEP

      96:9qPC8jHDYx5BCZftit50vF6K3ISl0D1/h8RNwyDOoci:yv4u1OKMd+PRObi

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/classes/Outreach.py

    • Size

      7KB

    • MD5

      a48f1f3f2ed907f3b68e5fc5d9ee00bc

    • SHA1

      4ad232f3e389e30f4ed48ece014637ac210c1070

    • SHA256

      5ebe83a3a3878cd7dab9cdec2f989c1dbcdfe9e7bc4c21d513b0afb5145fb73c

    • SHA512

      cf4f0d0accf7e21cea4e71ac9696164aeff630ae744fd1a18e3eba444c66ae9b543cdc32d81dbe724485e27a7c65b0dceba55e98e19b5c98b6706263eee99d21

    • SSDEEP

      96:69TcZM38ycBBAqOzVD0VbcVJE2ftm4BXdrybn9IImLbH0gRMNjwXlZUysfQZZwar:69QMeOJSaJDxwPv0YyOOVjH

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/classes/Tts.py

    • Size

      2KB

    • MD5

      b4409e4286f353abd342af24cb611581

    • SHA1

      9c1e1b74899a2804d663cf12a307196e894a085d

    • SHA256

      2dd36c6aff7f528781997d5e50b3bcadb0b4b77f41c9784d89f9c8f9425b4001

    • SHA512

      b17e563eeaa543381d2ea9ef5d064a22546b88f64c3c501afce05214655d931086d285a99fb5a7d1e8c0a841a03a47749fe63ca8bff79b831dcf829dfbc728d5

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/classes/Twitter.py

    • Size

      6KB

    • MD5

      080274f01c7a6270398165581a09c777

    • SHA1

      f22c804ba6465873ea83d837c16a75542d4bdbd3

    • SHA256

      5ea95b66761121009990c8f79ff97ddf1e7b9a96a4b7b9d78a603aaf5a6fd618

    • SHA512

      49b5735bb88f4c8f3b1f019c3debd9ec6ebd0dc413fd194cc6ed9261eac790c7b639033d03135bc1a552cf2d482fc78763c64cadac7f082a9883870e608dbdb1

    • SSDEEP

      48:+GDtZtLMEGY7jXYpb1wFnS5G233KmRbw3dq9neqhHNLvn2gVLFH/fyEUTpsYWbFN:+GlMjY7DYDwtCamrNLvjFjmMe6D7mOKI

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/classes/YouTube.py

    • Size

      23KB

    • MD5

      9eebbc0463a3c072e7d1eec1e657ffcf

    • SHA1

      e66b483d50e08a01da044771430306369791ff6f

    • SHA256

      e7b90b187c682efb23a4696dc2e14af1357519e09485de94ee8f401c9e804910

    • SHA512

      59572f51e493c75edc2d6467810b3b194df5daea16684eb306962e3aba68a723f0ff90dc0f4b48d78794b649b3fdf2f57a14a4a57a8e50b249dec29defe9fce6

    • SSDEEP

      384:4LH/jnzer17QM1fIHQClkSHSWlR59v+PnePVXX5eYF0P9St73:4LvnMKHnlZHSW9xaKXpem0P9Sp3

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/config.py

    • Size

      6KB

    • MD5

      7c04bd40b8298572435a7b40a8f3fdae

    • SHA1

      e9079f4553d665b951491f0142b23fe843cd990a

    • SHA256

      f6c2a958b3140f1e70dc4fd4ba533b674e82b160f3261c0b2ac2fc90df2dc71e

    • SHA512

      ccdebf51bdbdd2b24f2bceb14a5802cc7309350b81e0eedd7a205d973f46d6cd05218ab45b75b963d68448c127bdd2c280e3efe7e60945ec4daf6d9acbdf48ab

    • SSDEEP

      96:ZsZVjLv7lIDCTI8hwYLMDYBTo4DZbgGoG7ScXlsv3TGs9c2vfS3rD/C7VD+6pYTP:ZAVBHTIdPwcX371+NVAZ9Q

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/constants.py

    • Size

      1KB

    • MD5

      ca2cd13872a3a91be1351753c74c0669

    • SHA1

      7443a9bc08d63e9174322b927feb7f0af78655a7

    • SHA256

      6fb69ee003bb1ec7c00686aecf5c2618b915b8b0fbd924c729331772662148c4

    • SHA512

      ef5d0caf75cab97d000c5d478555a0d65f6238c627b36a044c7ed141d78c4601227a9a421f5282c934d1b2b79835494e67f010aa5e01542086e20c0e47d1c78b

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/cron.py

    • Size

      1KB

    • MD5

      f8df8698003ad1763b2026f6fc7324a1

    • SHA1

      9f11f88919465bbdd0a0045efca0af564feb9ebf

    • SHA256

      348624117587e5ff647380646600dc5347d3c9391aeeb277f4007a12f89114f2

    • SHA512

      237c444d9b0820287b29b0304ac57fe0e6ae5ad3e8d383d1577dbf4f81376af4ec3300c77d42ac41e830b7c404e52a808daa334a6baf8aa2aefc509b932f9237

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/main.py

    • Size

      13KB

    • MD5

      4b084aafeeac4d867190fc90aff89829

    • SHA1

      abf3aa2a5ff906bb8ca729b229a8ae53248fe23d

    • SHA256

      56312c87f17179c45e64d573b95dfc56fb939fa0f5dce7cd928d5e2c67ed20ec

    • SHA512

      345cb7f2fe008d8ca62e6479f89290d4f2d948e5860bd6eb1fbfa507cae98fd83163db355e469a6fb13247aa1c7022d94f828ab38c6eb10bae1f0a9cb9f148eb

    • SSDEEP

      192:687N4DD8NqIM31NIodm8sln4oIa3XheDuEqoKwj:H7N4czM31Njsia3XheDuEqTo

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/status.py

    • Size

      1KB

    • MD5

      b04ae87ec68b5e293fbd0a47936fa99c

    • SHA1

      a152acd0fb2078d876deb7c70a8aa84d06436275

    • SHA256

      bf656074d7f07688f25adaa931d573c3ebad7d9cc553ac6ec90e2e648dfb8971

    • SHA512

      7173256bbbf9a63880a07f847af92649a6781e70c200e08955013cbceb8c7d8ce5638f87dbbe1e33afb7bcf37a97934209d1efcb7f3e106eaa17f0608526b7d8

    Score
    3/10
    • Target

      MoneyPrinterV2-main/src/utils.py

    • Size

      2KB

    • MD5

      88011a4e0fad8709c53918f575d1cf6f

    • SHA1

      8f14c7cccf3ee56c8498775b16fffd2e0d3c4a93

    • SHA256

      9c0758ddf24b3d8e4c1de796845098579f205d23974b86e4cac207c7accf3430

    • SHA512

      a7bbe5cca1c2602919e4390192c798a22ef17abaf85accb2343dc79dbb9d8dc8270621bb21c7fbcffbde6a0e947a9ec768280a56f89894200365a8da048c1689

    Score
    3/10
