empyrean | ab45f9a36cd3c0e9bef44dd3f71e0c232029facb04d87d9afd0358a712a2bb0b | Triage

Submit
Reports

Overview

overview

Static

static

deniz.ddos.og.rar

windows7-x64

7

deniz.ddos.og.rar

windows10-2004-x64

7

Resubmissions

11/03/2024, 15:28

240311-swfy3aeb9z 10

11/03/2024, 15:16

240311-sneq2aea2z 10

Sharing

Copy URL Twitter E-mail

General

Target

deniz.ddos.og.rar
Size

17.5MB
Sample

240311-sneq2aea2z
MD5

71b93f770e5f58bc39eeaf08edf4e2f9
SHA1

f18188f0e5a7077f8fc75ed43c38ef222a66f79b
SHA256

ab45f9a36cd3c0e9bef44dd3f71e0c232029facb04d87d9afd0358a712a2bb0b
SHA512

173234a967b77956c58de6dd7fb9d57f914904669bae16180bd359cb213c4ec93297ba9afb8282046b301c4bc2c92ca7a24b64934bfb6bf76c2248205fe49751
SSDEEP

393216:M+gOTOcRdhIkwQ+zRRP5g1mzoeZybpCMC8wQGJOhkKAKcX1e/2a3C:MtwdhGzv5g1bmupCMC8bGKbd/2J

Score

10^/10

empyrean pyinstaller upx

Static task

static1

pyinstaller empyrean

4 signatures

Behavioral task

behavioral1

Sample

deniz.ddos.og.rar

Resource

win7-20240215-en

pyinstaller upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

deniz.ddos.og.rar

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  deniz.ddos.og.rar
- Size
  
  17.5MB
- MD5
  
  71b93f770e5f58bc39eeaf08edf4e2f9
- SHA1
  
  f18188f0e5a7077f8fc75ed43c38ef222a66f79b
- SHA256
  
  ab45f9a36cd3c0e9bef44dd3f71e0c232029facb04d87d9afd0358a712a2bb0b
- SHA512
  
  173234a967b77956c58de6dd7fb9d57f914904669bae16180bd359cb213c4ec93297ba9afb8282046b301c4bc2c92ca7a24b64934bfb6bf76c2248205fe49751
- SSDEEP
  
  393216:M+gOTOcRdhIkwQ+zRRP5g1mzoeZybpCMC8wQGJOhkKAKcX1e/2a3C:MtwdhGzv5g1bmupCMC8bGKbd/2J
Score

7^/10

pyinstaller upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallerempyrean

behavioral1

behavioral2

© 2018-2025

Terms | Privacy