2181befff5c1f978cd89467854f597f6f54b7f13e704f2e604588b5655b7fae4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Sellixify.exe
Size

13.9MB
Sample

240612-17yx1swfnm
MD5

9820442d5bdc4a2eae6153755bea351d
SHA1

e19635d41a522c0bca00c5bd354a52f2e9546436
SHA256

2181befff5c1f978cd89467854f597f6f54b7f13e704f2e604588b5655b7fae4
SHA512

fa526bcc95842e0388f148976b3b1376ddc450435dceff17880a6e7f62f5780596b07da4a103854d9e73715cf4fca5ea82e0b57096904bf251cea779d482703f
SSDEEP

393216:PuQVBl8qMzWJzoyMxtDDAxjJS+qqmza8lIytN:GQVj8qi+zoy2AmNq6Fi

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Sellixify.exe
- Size
  
  13.9MB
- MD5
  
  9820442d5bdc4a2eae6153755bea351d
- SHA1
  
  e19635d41a522c0bca00c5bd354a52f2e9546436
- SHA256
  
  2181befff5c1f978cd89467854f597f6f54b7f13e704f2e604588b5655b7fae4
- SHA512
  
  fa526bcc95842e0388f148976b3b1376ddc450435dceff17880a6e7f62f5780596b07da4a103854d9e73715cf4fca5ea82e0b57096904bf251cea779d482703f
- SSDEEP
  
  393216:PuQVBl8qMzWJzoyMxtDDAxjJS+qqmza8lIytN:GQVj8qi+zoy2AmNq6Fi
Score

7^/10
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1
- Target
  
  Sellixify.pyc
- Size
  
  45KB
- MD5
  
  cebc05bdaba795c2f546784d9ec9280b
- SHA1
  
  f0835b1ddb2c54590b5120f701862f0cd5ce9534
- SHA256
  
  6349849b303bbc03856cddaf4c7341e3cc3a3a064dc5deacebc39f2388ad6e0c
- SHA512
  
  a01116ccd6f2d8730cfa4ffb42262a500ec8d1edda1dd38dce3af4a1512ffe8709cd27bcc229fd6606f528049d3a844bd17455f265b947b176b1cd76fd33af89
- SSDEEP
  
  768:GZADKz3lARvm6wLChfrkCzlgGN6mtHMgu8xdYphmaE80QtCW77OgMWwV4AdNC/BR:wSKz6Vm6wLCmwp82HMgEphv+QtbmV9fA
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2