510785ecd75144cfc687fff145d76b11ef6453e2c031bb4de32171e64ca1559f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Funny.exe
Size

69.1MB
Sample

240427-kbgqvseg33
MD5

1e2cc26302ee3f884892b37dc763da4b
SHA1

65d7f98cb6669daa6e2d4c2f38e865993e2089a9
SHA256

510785ecd75144cfc687fff145d76b11ef6453e2c031bb4de32171e64ca1559f
SHA512

722c81176c5abbde1c5cb7c41f7978d5756c11161b1f0311cb993f60fc738787671f3335aa2681bc04e607a84266399cda9d378c48a37554980baff37bd055d0
SSDEEP

1572864:YQbgFP/V4f6Gj53ikjt4jRq2GqFOPV5GiIY2qHWB75iV86/WxqFj:Ysgt/VG6RmtCRlGPrcY2qHO5iV86/UG

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Funny.exe
- Size
  
  69.1MB
- MD5
  
  1e2cc26302ee3f884892b37dc763da4b
- SHA1
  
  65d7f98cb6669daa6e2d4c2f38e865993e2089a9
- SHA256
  
  510785ecd75144cfc687fff145d76b11ef6453e2c031bb4de32171e64ca1559f
- SHA512
  
  722c81176c5abbde1c5cb7c41f7978d5756c11161b1f0311cb993f60fc738787671f3335aa2681bc04e607a84266399cda9d378c48a37554980baff37bd055d0
- SSDEEP
  
  1572864:YQbgFP/V4f6Gj53ikjt4jRq2GqFOPV5GiIY2qHWB75iV86/WxqFj:Ysgt/VG6RmtCRlGPrcY2qHO5iV86/UG
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  SRC.pyc
- Size
  
  46KB
- MD5
  
  2b9d3aa8b86f21d8fa33bb8b5186d63d
- SHA1
  
  cac2f3779d350369142f1d3ab6dafc89414eaa27
- SHA256
  
  189a637c368820041a4f9c5c2fa70e47177c2f36fc40207a506465aaf02f0909
- SHA512
  
  df0a44b3377d6bcc4b69f98b0c2e957946e85b13935cdd1703add5e1cd8c0675e789376c563f5ff6c3c3f810a611f67616f4df666a26f674df27387d1cd1062c
- SSDEEP
  
  768:z2uxUxnxhhI9jHwlyOu5h3B1kmE1Cj1M+z3od8xbHtLk:zsSGlTu5VBSEcdELk
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4