5242437d464d1ceaae57e43d8bcea605d17ea7debe5626e0b509c31ccbced159 | Triage

Sharing

General

Target

VIM.exe
Size

7.2MB
Sample

240528-3zmwwsag72
MD5

165a6f77d8558e08eadefdb749bb18c0
SHA1

1f0572d93a05b9d85b122ebef42a02811b5fd772
SHA256

5242437d464d1ceaae57e43d8bcea605d17ea7debe5626e0b509c31ccbced159
SHA512

8e777bd30748262de141b079aa7246da69c0a218ff1bf40e11e07af58e9ff8ff3f506edd515a1d9436df389656729cbd28e6c1676c9fffd7dde95ce6c32dce1e
SSDEEP

196608:edU8EkuA3uWJysVYvsONtdIQLOMIdiwmnoriXWDhs:a9EYeWJ8taL/d2or5

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  VIM.exe
- Size
  
  7.2MB
- MD5
  
  165a6f77d8558e08eadefdb749bb18c0
- SHA1
  
  1f0572d93a05b9d85b122ebef42a02811b5fd772
- SHA256
  
  5242437d464d1ceaae57e43d8bcea605d17ea7debe5626e0b509c31ccbced159
- SHA512
  
  8e777bd30748262de141b079aa7246da69c0a218ff1bf40e11e07af58e9ff8ff3f506edd515a1d9436df389656729cbd28e6c1676c9fffd7dde95ce6c32dce1e
- SSDEEP
  
  196608:edU8EkuA3uWJysVYvsONtdIQLOMIdiwmnoriXWDhs:a9EYeWJ8taL/d2or5
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  main.pyc
- Size
  
  744B
- MD5
  
  67e7e6aba7aaf860bbb9bcf46985527f
- SHA1
  
  0927774643415497a479b29384e57af1059d3b67
- SHA256
  
  8961015fabb8e58a4622593b8f4a719c0e9927041007ad474116efcb4dab5fae
- SHA512
  
  cf40cb76061cdf53a1afe350eea4752d8b9fcdd41460a2272de45f1799f63555b95b77914820810de2b68264873ed72823ce4f3ec1254b1779a553521284d158
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4