Overview

overview

10

Static

static

10

ViolinV1.0.exe

windows7-x64

7

ViolinV1.0.exe

windows10-2004-x64

7

dirt.pyc

windows7-x64

3

dirt.pyc

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ViolinV1.0.exe

  • Size

    41.3MB

  • Sample

    240420-3147kade27

  • MD5

    e1f11a32546b240111760d533a26ee81

  • SHA1

    c47b6ec9a10d2f7c081ea4649dc8b98fba5f9de7

  • SHA256

    e7d113ef928f0ce62a0accc0829da9720977c75427c4c901976e689c22c22a9f

  • SHA512

    2aaad25d22e9e26669bcccd38b53493695d760ee8fff8d85cc2729fb040cf7a6ef5203801d6f0916f1f5c70ae0c08b2862367c5743d0d65fdb80382446272fda

  • SSDEEP

    786432:t+gX4BMdhwzTQXR5FbPp6FcSS5U/LT2KzVyPVL9jvzVSLOYq1QtIZS3ILe5qW80U:nXGMK4XR3bLSCU/+6yPlhvhSyY2iIZSa

Score
10/10
telegrampyinstallerratspywarestealertelegram

Malware Config

Targets

    • Target

      ViolinV1.0.exe

    • Size

      41.3MB

    • MD5

      e1f11a32546b240111760d533a26ee81

    • SHA1

      c47b6ec9a10d2f7c081ea4649dc8b98fba5f9de7

    • SHA256

      e7d113ef928f0ce62a0accc0829da9720977c75427c4c901976e689c22c22a9f

    • SHA512

      2aaad25d22e9e26669bcccd38b53493695d760ee8fff8d85cc2729fb040cf7a6ef5203801d6f0916f1f5c70ae0c08b2862367c5743d0d65fdb80382446272fda

    • SSDEEP

      786432:t+gX4BMdhwzTQXR5FbPp6FcSS5U/LT2KzVyPVL9jvzVSLOYq1QtIZS3ILe5qW80U:nXGMK4XR3bLSCU/+6yPlhvhSyY2iIZSa

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

    • Target

      dirt.pyc

    • Size

      12KB

    • MD5

      1e04b7019d4445a6fbad2f9b1f65b0cf

    • SHA1

      625891d19b89425662f5c2461e362b80e5b1a380

    • SHA256

      22fbb24f3c24396cf4ed4efb11627516fdbc13f6c8f5e7949bf314d624c0a188

    • SHA512

      9fa72039350d52118a62312c142c13c1c55893ded77e5adf72474e1da4b276d844f08f5c0d93547ee42ce37c050ca0058287edec426ccd569dd261f90ee75e0a

    • SSDEEP

      96:05ZwQ1gk5pYJnWuWHr1qbPW7MP2JMmHzJfzJU6W8KV3LB/6leQySy:05ZL1gnZWuKr1qbPz/HrFSy

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks