General

  • Target

    dbdf5ccea961db26a656fca73bcac131fe7a28fde408e4892a669c941c1376bf.exe

  • Size

    35.5MB

  • Sample

    240420-b6qskseb7s

  • MD5

    0ceaf63f222faad3bfa66b0bcbddca69

  • SHA1

    d9eb66edd0a0657be291ef9c52390a6f5a12ddf5

  • SHA256

    dbdf5ccea961db26a656fca73bcac131fe7a28fde408e4892a669c941c1376bf

  • SHA512

    12170462079637a959e38a6a4baf00a3242b6189fb59fc11f6e255830ba0cf1b03f805866b5511d377d2e9c2953a71152fbf8f8fcf251fa1f04d6e98d3b16aa5

  • SSDEEP

    786432:9GeCRQjyXVs4jGb0w52j6+s7LWB75zu5OoiUbW8YOd9in9Y:oPQWXV9ybR52qHWB75iJiUbW/C

Score
7/10

Malware Config

Targets

    • Target

      dbdf5ccea961db26a656fca73bcac131fe7a28fde408e4892a669c941c1376bf.exe

    • Loads dropped DLL

      Loads a DLL that the sample itself wrote to disk during execution, rather than one already present on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Calls NtSetInformationThread with the ThreadHideFromDebugger (0x11) information class, which stops the thread from delivering debug events to an attached debugger; a common anti-debugging technique.
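The three signatures above, re-implemented as a small detection pass over an API/network trace. This is an added example and not the sandbox's own signature logic; the one-event-per-line trace format, the field names (path, access, class, host), the set of API names matched and the list of IP-lookup hosts are assumptions, and the trace lines are constructed for illustration, not taken from this sample's run.

```python
"""Re-implementation of three sandbox signatures over a constructed API trace.

Added example, not the sandbox's own code. The trace schema below
("pid api key=value ...") and the API names are assumptions; adapt
parse_trace() to the real trace format (Triage, CAPE, a Frida hook).
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass

# Assumption: a representative set of public-IP lookup services.
IP_LOOKUP_HOSTS = {
    "api.ipify.org", "ipinfo.io", "icanhazip.com", "checkip.amazonaws.com",
    "ifconfig.me", "ip-api.com", "ipecho.net",
}

# THREADINFOCLASS value of ThreadHideFromDebugger (documented in winternl).
THREAD_HIDE_FROM_DEBUGGER = 0x11

# Access masks treated as "this call may write the file" (assumption).
WRITE_ACCESS = {"GENERIC_WRITE", "FILE_WRITE_DATA", "GENERIC_ALL"}

# Constructed trace; handle 0xfffffffe is the pseudo-handle for the current thread.
SAMPLE_TRACE = r"""
1234 NtCreateFile path=C:\Users\victim\AppData\Local\Temp\helper.dll access=GENERIC_WRITE
1234 NtWriteFile path=C:\Users\victim\AppData\Local\Temp\helper.dll length=245760
1234 LdrLoadDll path=C:\Users\victim\AppData\Local\Temp\helper.dll
1234 LdrLoadDll path=C:\Windows\System32\ws2_32.dll
1234 NtSetInformationThread handle=0xfffffffe class=0x2 length=4
1234 NtSetInformationThread handle=0xfffffffe class=0x11 length=0
1234 HttpSendRequest host=api.ipify.org path=/?format=text
1234 HttpSendRequest host=update.example.invalid path=/check
"""

_LINE = re.compile(r"^(\d+)\s+(\w+)\s*(.*)$")
_KV = re.compile(r"(\w+)=(\S+)")


@dataclass
class Event:
    pid: int
    api: str
    args: dict


def parse_trace(text: str) -> list[Event]:
    """Parse "pid api key=value ..." lines; skip blanks and unrecognised lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = _LINE.match(line)
        if not m:
            continue
        pid, api, rest = m.groups()
        events.append(Event(int(pid), api, dict(_KV.findall(rest))))
    return events


def detect(events: list[Event]) -> dict[str, list[str]]:
    """Return {signature name: [evidence, ...]} for the signatures that fired."""
    findings: dict[str, list[str]] = defaultdict(list)
    written: set[str] = set()  # paths the sample has written (case-folded)
    for ev in events:
        a = ev.args
        if ev.api == "NtCreateFile" and a.get("access") in WRITE_ACCESS:
            written.add(a.get("path", "").lower())
        elif ev.api == "NtWriteFile" and "path" in a:
            written.add(a["path"].lower())
        elif ev.api == "LdrLoadDll":
            # "Loads dropped DLL": the loaded image was written earlier in this trace.
            if a.get("path", "").lower() in written:
                findings["Loads dropped DLL"].append(a["path"])
        elif ev.api == "NtSetInformationThread":
            # int(x, 0) accepts both "0x11" and "17".
            if int(a.get("class", "0"), 0) == THREAD_HIDE_FROM_DEBUGGER:
                findings["Suspicious use of NtSetInformationThreadHideFromDebugger"].append(
                    f"pid {ev.pid} handle {a.get('handle')}"
                )
        elif ev.api in {"HttpSendRequest", "WinHttpConnect", "DnsQuery"}:
            host = a.get("host", "").lower()
            if host in IP_LOOKUP_HOSTS:
                findings["Looks up external IP address via web service"].append(host)
    return dict(findings)


if __name__ == "__main__":
    for name, evidence in detect(parse_trace(SAMPLE_TRACE)).items():
        print(f"{name}: {', '.join(evidence)}")
```

The dropped-DLL check deliberately keys on paths written earlier in the same trace rather than on the directory alone, so a legitimate DLL loaded from %TEMP% by an installer is not flagged unless the sample wrote it first.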

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • System Information Discovery: T1082 (1)

  • Process Discovery: T1057 (1)

Tasks