1e2bb72289120337ec524dde9f9e5924c33820004ceef2bff6a762dea92a6470 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de86442b91c0d5916aee6ff4d5a209f8
Size

15.5MB
Sample

240325-vq6nmsgf2x
MD5

de86442b91c0d5916aee6ff4d5a209f8
SHA1

3485cc4984a27169d3bbc3c6eec2e6a60b22cf2b
SHA256

1e2bb72289120337ec524dde9f9e5924c33820004ceef2bff6a762dea92a6470
SHA512

0a388c760c552795cd3efbf496d31adcee3faad009e8810bb9edbedce4bf54b847578919d1f3663c59425f51738e5b5cf1a67b9a6db15ddc40b3c26a54b7205f
SSDEEP

393216:+3l/UkWJHlh2phoyMxtDDAxxfT7zhNsLuAHupHeAgyhYC:+1/J+FQphoy2ALzAHuBm

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  de86442b91c0d5916aee6ff4d5a209f8
- Size
  
  15.5MB
- MD5
  
  de86442b91c0d5916aee6ff4d5a209f8
- SHA1
  
  3485cc4984a27169d3bbc3c6eec2e6a60b22cf2b
- SHA256
  
  1e2bb72289120337ec524dde9f9e5924c33820004ceef2bff6a762dea92a6470
- SHA512
  
  0a388c760c552795cd3efbf496d31adcee3faad009e8810bb9edbedce4bf54b847578919d1f3663c59425f51738e5b5cf1a67b9a6db15ddc40b3c26a54b7205f
- SSDEEP
  
  393216:+3l/UkWJHlh2phoyMxtDDAxxfT7zhNsLuAHupHeAgyhYC:+1/J+FQphoy2ALzAHuBm
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2