69b2d44c3badf4e77820dd4bcf6dde98d80ba7efb2fa8773f15eca5c1a7d2efd | Triage

Submit
Reports

Overview

overview

Static

static

1

Testing.rar

windows7-x64

7

Testing.rar

windows10-2004-x64

Sharing

General

Target

Testing.rar
Size

37.8MB
Sample

240428-shbgesad94
MD5

cde07d911cd8f1e8e69f02cbc34253dc
SHA1

71ae4ce7b87345871fa8ab65c2018990e5bef447
SHA256

69b2d44c3badf4e77820dd4bcf6dde98d80ba7efb2fa8773f15eca5c1a7d2efd
SHA512

b37fd2db1f5c25f0875f5606d80d38b1153d8dfb9001993acbfc7434a3357a6458c7fe7fadd48827bbff52de69e07de38a2cc29f4a2647e83a1d31fc340dc370
SSDEEP

786432:e7x6lW3BVk3TE5VJjiIXy1gpfIWcRCq5Qn7yNTPYZZhtVfWn:46Yfk3TUZyicCl22N1a

Score

10^/10

evasion persistence pyinstaller trojan

Static task

static1

Behavioral task

behavioral1

Sample

Testing.rar

Resource

win7-20231129-en

windows7-x64

15 signatures

600 seconds

Behavioral task

behavioral2

Sample

Testing.rar

Resource

win10v2004-20240419-en

evasion persistence pyinstaller trojan

windows10-2004-x64

24 signatures

600 seconds

Malware Config

Targets

- Target
  
  Testing.rar
- Size
  
  37.8MB
- MD5
  
  cde07d911cd8f1e8e69f02cbc34253dc
- SHA1
  
  71ae4ce7b87345871fa8ab65c2018990e5bef447
- SHA256
  
  69b2d44c3badf4e77820dd4bcf6dde98d80ba7efb2fa8773f15eca5c1a7d2efd
- SHA512
  
  b37fd2db1f5c25f0875f5606d80d38b1153d8dfb9001993acbfc7434a3357a6458c7fe7fadd48827bbff52de69e07de38a2cc29f4a2647e83a1d31fc340dc370
- SSDEEP
  
  786432:e7x6lW3BVk3TE5VJjiIXy1gpfIWcRCq5Qn7yNTPYZZhtVfWn:46Yfk3TUZyicCl22N1a
Score

10^/10

pyinstaller evasion persistence trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Modifies firewall policy service
  evasion
- Disables RegEdit via registry modification
  evasion
- Modifies Windows Firewall
  evasion
- Stops running service(s)
  evasion
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Change Default File Association

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Change Default File Association

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

evasionpersistencepyinstallertrojan

© 2018-2025

Terms | Privacy