Malware Analysis Report

2024-11-30 13:19

Sample ID 240620-thnx7azfqn
Target python.exe
SHA256 e46185a6c164efdab8316c78a9dd822f6f29ba168285d8b72c82560af3ecea88
Tags
pyinstaller
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

e46185a6c164efdab8316c78a9dd822f6f29ba168285d8b72c82560af3ecea88

Threat Level: Likely benign

The file python.exe was found to be: Likely benign.

Malicious Activity Summary

pyinstaller

Detects Pyinstaller

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-20 16:03

Signatures

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-20 16:03

Reported

2024-06-20 16:06

Platform

win11-20240508-en

Max time kernel

146s

Max time network

150s

Command Line

"C:\Users\Admin\AppData\Local\Temp\python.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\python.exe

"C:\Users\Admin\AppData\Local\Temp\python.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
GB 184.28.176.33:443 tcp
GB 184.28.176.33:443 tcp
GB 184.28.176.33:443 tcp
IE 52.111.236.22:443 tcp

Files

N/A