09b469569a1e2874c69017d6e3ba5063230783257cab06cfbef09cd475a9bed5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Crypto Factory.exe
Size

10.2MB
Sample

240514-nzxzjaee79
MD5

ffafcc536cb266ee1e8c8bf7189dcabb
SHA1

cd8869d803b438615963cc923eb8dd4097535752
SHA256

09b469569a1e2874c69017d6e3ba5063230783257cab06cfbef09cd475a9bed5
SHA512

0fbc89743ba729daf88c1dd6a684a2aa3661c2ab93e9a5a282a3527882a8fc553310d837856ee57955b9ac136380de82f4fa973faa23b3fa9a0f42aac7ca7d10
SSDEEP

196608:MRatAusbeILr7PnILLZWdoCOiV9onJ5hrZERryiU8AdZYJERfSEIrToBf5fnqgnH:axlLr7M5liV9c5hlERjAdZYyAHrMd5vq

Score

8^/10

execution pyinstaller

Malware Config

Targets

- Target
  
  Crypto Factory.exe
- Size
  
  10.2MB
- MD5
  
  ffafcc536cb266ee1e8c8bf7189dcabb
- SHA1
  
  cd8869d803b438615963cc923eb8dd4097535752
- SHA256
  
  09b469569a1e2874c69017d6e3ba5063230783257cab06cfbef09cd475a9bed5
- SHA512
  
  0fbc89743ba729daf88c1dd6a684a2aa3661c2ab93e9a5a282a3527882a8fc553310d837856ee57955b9ac136380de82f4fa973faa23b3fa9a0f42aac7ca7d10
- SSDEEP
  
  196608:MRatAusbeILr7PnILLZWdoCOiV9onJ5hrZERryiU8AdZYJERfSEIrToBf5fnqgnH:axlLr7M5liV9c5hlERjAdZYyAHrMd5vq
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4