563c5f0ef4b8403e4a933931ee762b428fe1d6b229d452a1d5397f050393f4b5 | Triage

Sharing

General

Target

SpaceBootstrapper.exe
Size

8.1MB
Sample

240616-xc49rssdqf
MD5

075acc6681b76b7711d2c4382f338047
SHA1

2198367e911bf4d9427470d1927605783ef8ad7b
SHA256

563c5f0ef4b8403e4a933931ee762b428fe1d6b229d452a1d5397f050393f4b5
SHA512

29d0bad832d503ca637eccb2dfc7f1855c3e0efa9ff2a50f2c896067917b1acb8dccbbc6a8474d6f9535cb3d40ca0e12be071b475c2b12fc41656ae230177bf4
SSDEEP

196608:YGEUn61W903eV4QJ7MToEuGxgh858F0ibfUxgABObk91tlw8:KUnwW+eGQJ7MTozGxu8C0ibftqi

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  SpaceBootstrapper.exe
- Size
  
  8.1MB
- MD5
  
  075acc6681b76b7711d2c4382f338047
- SHA1
  
  2198367e911bf4d9427470d1927605783ef8ad7b
- SHA256
  
  563c5f0ef4b8403e4a933931ee762b428fe1d6b229d452a1d5397f050393f4b5
- SHA512
  
  29d0bad832d503ca637eccb2dfc7f1855c3e0efa9ff2a50f2c896067917b1acb8dccbbc6a8474d6f9535cb3d40ca0e12be071b475c2b12fc41656ae230177bf4
- SSDEEP
  
  196608:YGEUn61W903eV4QJ7MToEuGxgh858F0ibfUxgABObk91tlw8:KUnwW+eGQJ7MTozGxu8C0ibftqi
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  space_keysys.pyc
- Size
  
  3KB
- MD5
  
  fe667bdae50b26a2be8008e2c4dd253a
- SHA1
  
  5de21ad240aee05c250178d140dbed5c689489f8
- SHA256
  
  49116d708c6e67620209bc0ec61fa71f288eeab42e0605db3ebefae2f682bf7f
- SHA512
  
  4bc6e13377cec8fde7ba36be4416c9113993276eb44306986b9676e4fb98cc2c255ed6d058793c8d178510046cbee6b3086e7c60cd3e0334736b481485bbdee5
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4