General
Target: Bypass.zip
Size: 25.3MB
Sample: 240611-l1y7wasgkc
MD5: 6102e0c8e17646c6b08d1b19af4db062
SHA1: e50f1287f8b2e0e148c739d62aafb935b184ad98
SHA256: be0b5318d28784df090e1bab91d1cd7f76cfc0dae740ce2199aa07d83e25267e
SHA512: cd72023c2a994b7f1e57297b4b304e3a6ba1aeed9360569a7e72dbf23646b9be561ced21d22e3fe56c0e34a97b7316c632bec7dd941a1a49dff7d6913ef1130a
SSDEEP: 786432:+D8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJrx:+LKWu4UVGbS/r2fL6tJrx

Static task static1
Behavioral task behavioral1: Sample Bypass.zip, Resource win11-20240508-en
Behavioral task behavioral2: Sample Bypass/bypass.py, Resource win11-20240508-en
Behavioral task behavioral3: Sample Bypass/config.json, Resource win11-20240508-en
Behavioral task behavioral4: Sample Bypass/data/addons/__pycache__/req.cpython-311.pyc, Resource win11-20240426-en
Behavioral task behavioral5: Sample Bypass/data/addons/__pycache__/updater.cpython-311.pyc, Resource win11-20240508-en
Behavioral task behavioral6: Sample Bypass/data/addons/req.py, Resource win11-20240508-en
Behavioral task behavioral7: Sample Bypass/data/addons/updater.py, Resource win11-20240508-en
Behavioral task behavioral8: Sample Bypass/install.bat, Resource win11-20240419-en
Behavioral task behavioral9: Sample python-3.12.4-amd64.exe, Resource win11-20240426-en

Malware Config
Targets

Target: Bypass.zip
Size: 25.3MB
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

Target: Bypass/bypass.py
Size: 101KB
Score: 3/10

Target: Bypass/config.json
Size: 80B
Score: 3/10

Target: Bypass/data/addons/__pycache__/req.cpython-311.pyc
Size: 1KB
Score: 3/10

Target: Bypass/data/addons/__pycache__/updater.cpython-311.pyc
Size: 2KB
Score: 3/10

Target: Bypass/data/addons/req.py
Size: 483B
Score: 3/10

Target: Bypass/data/addons/updater.py
Size: 1KB
Score: 3/10

Target: Bypass/install.bat
Size: 715B
Score: 1/10

Target: python-3.12.4-amd64.exe
Size: 25.5MB
Score: 4/10