Resubmissions

29/05/2024, 18:36

240529-w9c14sec84 10

29/05/2024, 18:35

240529-w8fqlsec55 10

General

  • Target

    krnl.exe

  • Size

    18.5MB

  • MD5

    13d248d61cea8dd88306dbd7e0e0965a

  • SHA1

    d18df0ef803f7f0747b9f7176ca8ccea3f364b8d

  • SHA256

    f5e3c3d638fe36a004bb5f91457f334f9b4ded4b06a5c33c3458c83485460f37

  • SHA512

    a71daeef97484ab0592cbd2dd7f780dee663852cf5d10fd96e5f0a3aa53a076f5a22d341fdfcf3d25a29a31e5824406bda1aeade3eb0cfb0e110e70a96730abd

  • SSDEEP

    393216:EqPnLFXlrPlQ8DOETgsLVfGqgSOOmmHvE8tWf2T/+VFjq:lPLFXNtQhElROOmP8gOT/z

Score
10/10

Malware Config

Signatures

  • Detects Empyrean stealer 1 IoCs
  • Empyrean family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • krnl.exe
    .exe windows:5 windows x64 arch:x64

    1e92fd54d65284238a0e3b74b2715062


  • main.pyc