privateloader | 6995e33cf3c6078ad21fa9f5dccb03cc8a12a27953768cf85ecab1ddce1852a7

Resubmissions

03/05/2024, 20:03

240503-ysqa8aeb6z 10

Sharing

Copy URL

Twitter E-mail

General

Target

depot_228990.zip
Size

172.2MB
Sample

240503-ysqa8aeb6z
MD5

94ad281afab60e18c80f10840bab58f6
SHA1

5581db9af42ea37fabff9f98dd7fd537c6747c09
SHA256

6995e33cf3c6078ad21fa9f5dccb03cc8a12a27953768cf85ecab1ddce1852a7
SHA512

291b7b739c456ba2c68d466831c2742dac3aae47735379f6af13db23b2eea87454d5c9de548b62fb1ead2f3da78c58b4760f65324ce7af3a435e274da64190e3
SSDEEP

3145728:YnQytDdLaOZTYCSGJjiuhoDe2EJzBkMbW5eTHrRn77qazi:YjLB8VWroyxJ1kViHr57zi

Score

10^/10

privateloader

Malware Config

Targets

- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/colorsys.pyc
- Size
  
  3KB
- MD5
  
  85877a7cfcd8e852fd9fccca9a49a62f
- SHA1
  
  769ad5ce34e5b6ba62f846720e27ec2685869a80
- SHA256
  
  b59295d2ec3b373fcf51460e3caccf14cc2432d4ab3ab5283d71ed730902a81f
- SHA512
  
  a6d5a635c6814b6a402ab3f866f346a09939903c4120e108a5cc96715b94840af691ce27300a179c05e7cad469f936682909ab1c9c928fda0a5059feeed4459f
Score

3^/10
behavioral1 behavioral2
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/compileall.pyc
- Size
  
  12KB
- MD5
  
  164c8b7590c5be4e7daa72cb076f7359
- SHA1
  
  0182b680b1355ddc69bf192e4a07ce672ebb8b37
- SHA256
  
  800fa294e0dba17f72f06327bcd13a7f7c10e8f9798147a1e2c31665572003fb
- SHA512
  
  427d1135936a463f26c9eda1a837ddec5f7af7dfaef6b0c1a86227ab1f85a325c00e27988e839250bf1fde968bbe7905548d174d54bc6a766d13fd0915ed0bf7
- SSDEEP
  
  384:/usFJzraMBu7toq69FBEOX7tuWvJyxcl3hlR/w:/PFtraM06f9FqOL0WvJ2w3hl5w
Score

3^/10
behavioral3 behavioral4
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/concurrent/__init__.pyc
- Size
  
  177B
- MD5
  
  76c8f9341d614880ea6fadcdfc4da03a
- SHA1
  
  5daed5a87d4fc27a8019e774bfd743544c90d8db
- SHA256
  
  d68a787e6cd30bd19ba37d8eb66a87bdc3f28de74bf75dd16a1045f12677ce61
- SHA512
  
  67ec8d6e077616080732c09ab407a762476f518a5a6ee45717faf6987212aea7f1614669331d93fed50e07ca7d547b46762b980b3c31436edcb87dd2e1b737a4
Score

3^/10
behavioral5 behavioral6
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/concurrent/futures/__init__.pyc
- Size
  
  1KB
- MD5
  
  5d1cb91735a0407ffd73e58ad90231c2
- SHA1
  
  711bdf4da5476810d283a7551de450f2f1c894df
- SHA256
  
  6bb90650d34f4e4a3073f1ccf9da804aea4dec2b828f3677471e118d5bc6f2fd
- SHA512
  
  3d12f415dd479594cc47b8e3b0f8e02b174870fbeda3f0a8767115145c24a593158787bf1d808470ae7cf301060ea53f9ff75ba49b2553a269d0b1d85a5825ee
Score

3^/10
behavioral7 behavioral8
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/concurrent/futures/_base.pyc
- Size
  
  21KB
- MD5
  
  d9ced7b8f7bb7a9500923727360d86db
- SHA1
  
  65eb1fd5420629f0cd1a3014cc43572fc5a42903
- SHA256
  
  edc10cba69b1c6424ec745fe6bd35c2006e36fc5e5d2b4c8d14d8c4fc3c66565
- SHA512
  
  a45bbc5e52d04c95c5d40413958338e8d870b59cde6fd9ba975771417db5e5ec60c465b7d59a5ce095b71e390bfceae9e21e1c07984ab7d580baeac9b915b370
- SSDEEP
  
  384:qtTOZGBf2bk6bFW5sBssFfctUz2YKGBRx7VpcFHYXPeL+vJQArxJsFA1fX8n:qtTOZGBObk6FfUUSYKGBRPp6GJQArxJg
Score

3^/10
behavioral10 behavioral9
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/concurrent/futures/process.pyc
- Size
  
  20KB
- MD5
  
  b1ee35c3f94bf4294cb431a20e92cfc4
- SHA1
  
  4ecb213269bffb7862c7bc35e69b9477031feae1
- SHA256
  
  e8e56877798808bbf7b11388b4c9403c0bb55a1fad30cbe378ae26b83e549dd8
- SHA512
  
  09751e9cfe47b417644af03f9652243420352d77431bd43966eaa1a9a33d88ace89a07cce1d79987e2745997e0aba146b9f7e4439f4b7953f6130c0e373730f6
- SSDEEP
  
  384:H8ImR19rpjRddrGScunj0kUFGZM13GikeMr+zluwFzhO0JyOfJcq301tS9WZFQSh:5cxjRddbcunj0kqGZM13GikeNYMdJyO+
Score

3^/10
behavioral11 behavioral12
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/concurrent/futures/thread.pyc
- Size
  
  5KB
- MD5
  
  104bd2148087c3e110c2849a987073eb
- SHA1
  
  6b54629808f900416df1b3f918f638325bf1deea
- SHA256
  
  e0405e632485f6175f26cef1263998d83036bdacba742652651adca988a98d8a
- SHA512
  
  6bc774ffc619efc2d75feb7d8f3e30befd402b78400c74ab0b737955b523c8fa2004f0755ed348cf492f89a8321ac2d5f870c12a0679067feb082e8241ac911b
- SSDEEP
  
  96:p5vS2oVJJ1eD9R6OCf2CWLg9sJVosL+gvC9rIVMmgtrWmna0ZApPO5rljAFBPEFz:XvS2oVJveDj6OCf2nLg98NLhvWkVMDWi
Score

3^/10
behavioral13 behavioral14
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/configparser.pyc
- Size
  
  44KB
- MD5
  
  a59c84d90cbfa98f9e757d2ec732b910
- SHA1
  
  987848fb3fb04c6ed4bb71581b1afc3014da0160
- SHA256
  
  4a307f18741c65906f709fa778e2379d22d49e6ac3d3bc605dd2028f65e339b7
- SHA512
  
  919b3709e65f21d18eb0f683ac576a618d4dc7c475fc37ca31595b869254eb66ab529834d4b81c39af2e83b985cd1eb0818e1fa04b803957db646507d0d63319
- SSDEEP
  
  768:7V02GfEpomBsfmwhuyEqACxEoRMd52bo1eX/NEeeMyn7VZASnyZ/3epPyQqPonOH:ImBsfmw17pRs2MY6Zm5Z1LuSb2NgB
Score

3^/10
behavioral15 behavioral16
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/contextlib.pyc
- Size
  
  19KB
- MD5
  
  2287d6c2f1d3084a94fb24622344d4f9
- SHA1
  
  596cab3bdf1fe92fc2ec8f960293477f13ac4753
- SHA256
  
  52ba700a7eda79be4e24374d064a1de9b12b1cd7fd476b71367578f112f822e2
- SHA512
  
  697cb7635c303e81664bfe45e2177e97e503e44dba43748a2a49ac9911844e441d8d772a673ff86dc288b8645314a103112e604c083cb021cbe8a832462e20d9
- SSDEEP
  
  384:y+ZPLnzxB6pjih1ZbxH1d9XRETqnfFHRRSxCqcYfkH:y+ZPLnz3EjUXfX2qndPL5H
Score

3^/10
behavioral17 behavioral18
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/contextvars.pyc
- Size
  
  288B
- MD5
  
  4936d1d0cecaefd08aebaff4f1c92b2e
- SHA1
  
  38c53aec58100ddbe1eb4d0e312b267aca38ea6f
- SHA256
  
  fa6b73382884805de6481339bd6f57cb69ceadb1a2766cad04b3b16d6860020d
- SHA512
  
  9ba686a910c3636b3b5e58c10a2fe816c916411050c9e6194446bc50df1cac46a9cbf168f1b250731ca462af080914d7abb0e6938f5a8bca18b1342ad38f40f2
Score

3^/10
behavioral19 behavioral20
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/copy.pyc
- Size
  
  6KB
- MD5
  
  feb42fec2628bd3413181c1fafa49190
- SHA1
  
  f8b595c56c6ad6fadf4b2beab50ac7afa4268364
- SHA256
  
  ab6e215f5fdb0f3d7be3a334ff236c3e60c8f59dc751dddd246c598fad72d5e6
- SHA512
  
  a6aef0daabac6a38f58f528418890513051831711b0893905255b21d77b6b54ecd535a76a6e7a608d9d3006539fef3913e44509d77a0d5acf1244ff0c78423ae
- SSDEEP
  
  192:4zPakDZxS5GaHl1isTKOuyDqAzJ2yvqejQdqZA/8cZfMgwi:Ea0/S5G0V2IGGn/cdcArf9
Score

3^/10
behavioral21 behavioral22
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/copyreg.pyc
- Size
  
  4KB
- MD5
  
  c230208a8cb6c60dfaf9645d025420cf
- SHA1
  
  f6c3bc477f1093d934d362bb2324212a2156d3b7
- SHA256
  
  a556aa69410d75d8cf4658ad3a5566fb22d28c74bf5f5ce45d54d9bba04c408a
- SHA512
  
  3dc6fdc08b55599c55e86e87c4c3b9a9f232574e65a92309ec65ae18281057a3dcc9429a125e1b8614d60edfbd9cef4f4702d3395cef5a36d927fb2ca4b103d9
- SSDEEP
  
  96:HiiU3NlLHfjZN9xiOtktpErU2qsxbl4fqm5vJYHjmTvP+H3TPa:b6bHfBt2UP5WfhtJYHjmTn+H3TPa
Score

3^/10
behavioral23 behavioral24
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/csv.pyc
- Size
  
  11KB
- MD5
  
  2d52943b245e06e0d4df569e9669c4c8
- SHA1
  
  ffba6e3f5995b3e41835270866ebdef9183749c2
- SHA256
  
  95010db64347cdc791746f24e92898a82d4610569cec6534a06a4d55d380a2b0
- SHA512
  
  be39de45b446409d61087f73f869b69ec7592be7332560217db677a8f6177825bd00d762085263a730a019d2971f1c56873e4872d4cf70dde1560429cad9d8b8
- SSDEEP
  
  192:4Jj1+B8vo6S2lWRnrKzYWwjm2XSvXM2PlqOeXZ1MMJ5vMsX1jRCYAf:4JjdQ6S2lIrKgLXCXM2wM85Rsf
Score

3^/10
behavioral25 behavioral26
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/ctypes/__init__.pyc
- Size
  
  16KB
- MD5
  
  2e6244ee605b5301621ef62e37439338
- SHA1
  
  920cc6463e1b57100ad5e5bedb66a6cc09492fa2
- SHA256
  
  669999d4ba831c2f6b2c47db203f627c4b1120dc7f1ba1fc8694fb0d8f824365
- SHA512
  
  0abea7dc9d1e427b92ea5cf477a2bbe48408f0e67b49df425115a692c44b482a4e2e61caf16be1b3811baeb38df89bb538d3defb9d38e0845713b9868de5f1d9
- SSDEEP
  
  384:9J70jNVt0un6uCh1wgZKXwMkq3651Sk2v0eXMd0oZ:9JgZVCh+AfiR0Qi0oZ
Score

3^/10
behavioral27 behavioral28
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/ctypes/_aix.pyc
- Size
  
  9KB
- MD5
  
  bf4e9f30f61229c10b95b930e6fa6585
- SHA1
  
  e2f6f8bcb15ca931b8fc0945a432d2c77d872cf1
- SHA256
  
  63751958f6b403153d3f473e0d7eb8f95839a5c1e8ed5cfc6f82529f2aa0d0b6
- SHA512
  
  05a3b25af254979e15803cd645493a7f3c406fe39810679ca4e189f5e9bc03af117a53858f9839c1c147662eeff509ff727db2410d565b58799bb2cb504f5735
- SSDEEP
  
  192:Eu+9IuTRu2bpsEn+bw/8MTDZ8RgJg8J1svML56qoCyiXwk:Eu+Kuduef+b41tJgY18w5gKXd
Score

3^/10
behavioral29 behavioral30
- Target
  
  depot_228990/MFGW.app/Contents/Resources/lib/python3.9/ctypes/_endian.pyc
- Size
  
  1KB
- MD5
  
  e6e1dc6904af00815b0b5bf7a2905492
- SHA1
  
  536b3deb0c3a9767fe3b6537238cd3b6574ca913
- SHA256
  
  0a058d339541434ba823568dc3147d588610d9fca8c495a94cef613ea02ddcf6
- SHA512
  
  e1d1440461f80574ff80df356453add4fc25dcade8ca9d3a2becb01cc61dab2a8db8de89802008ea4cd34f9986a582f2603c66ab0eb6aed518fbd164e8ba1bb6
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32