Overview

overview

7

Static

static

3

QP8ZfH7.exe

windows7-x64

7

QP8ZfH7.exe

windows10-2004-x64

7

guardian2.pyc

windows7-x64

3

guardian2.pyc

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    QP8ZfH7.exe

  • Size

    10.1MB

  • Sample

    240526-zyhn1acb2x

  • MD5

    b6224676697824f203b0a7c4face0c27

  • SHA1

    a1b9b911560aeb95b087129ef33dbb9fa534d3bd

  • SHA256

    2e980d28c6be548d0a56d93996707332786fa014ea2cae481dd38375a7e6d4ae

  • SHA512

    54fc9cbbab31f0dc9049358cd95e0189268918f2942b4efc548123c60f622e5c1c3ff5f4e2bd9669b1b11b518625c959febc2efd1a9b86890aa5270c798887e1

  • SSDEEP

    196608:OBBYTvuWJysVYvsOw+qroyMxxvjDDAxb48RmU/3ZlsPvGHSTL+aTvN8CudTtsPB:KRWJWqoyMxtDDAxbtN3ZWGH5aT4dTts

Score
7/10
pyinstaller

Malware Config

Targets

    • Target

      QP8ZfH7.exe

    • Size

      10.1MB

    • MD5

      b6224676697824f203b0a7c4face0c27

    • SHA1

      a1b9b911560aeb95b087129ef33dbb9fa534d3bd

    • SHA256

      2e980d28c6be548d0a56d93996707332786fa014ea2cae481dd38375a7e6d4ae

    • SHA512

      54fc9cbbab31f0dc9049358cd95e0189268918f2942b4efc548123c60f622e5c1c3ff5f4e2bd9669b1b11b518625c959febc2efd1a9b86890aa5270c798887e1

    • SSDEEP

      196608:OBBYTvuWJysVYvsOw+qroyMxxvjDDAxb48RmU/3ZlsPvGHSTL+aTvN8CudTtsPB:KRWJWqoyMxtDDAxbtN3ZWGH5aT4dTts

    Score
    7/10

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      guardian2.pyc

    • Size

      2KB

    • MD5

      d9ddbc3982e67e6e29fdfa9b7ed45782

    • SHA1

      a30e91632c73e7c3f835942f68fee399a8772e90

    • SHA256

      82a38bfbdcd5849a43e0df271ca056be1395cd5265a4f7c58d7d6e40b8bd7152

    • SHA512

      4ee1baee0c20c0f1761bc928016e718b2167bbfbf66762ced4755375eff0e539df0ca6c47cd91876c72e18639c7ea5eb1e311b3f2186053c9145336499a01b2b

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks