General

  • Target

    20240623-1541_cdfc4049a372f86576df1071cfc055f2.zip

  • Size

    15.7MB

  • MD5

    ffbce04f21e839c5a3fc5f018880345a

  • SHA1

    0b6184c96ed48822f8b649707513c2fafbc386b3

  • SHA256

    4438f80afe724a730dc68cf7849c479a5748ee95762a43c64856494f1a530678

  • SHA512

    604f11662c1a7f67463ea1fa88ac0fc7554aec9d37d4469da422b21eeaa0c24b816c7dc61c68d0918ce7271569397e3154fc78cd1c16421791acdcfd07ac5535

  • SSDEEP

    393216:l3HJiD/cHrEOZXO2z0IZ8OGRH4tMXeF3AbrgsZs:l3HJkEH3p0L1BrXJ/gsZs

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with Pyinstaller 1 IoCs
  • Blankgrabber family
  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 20240623-1541_cdfc4049a372f86576df1071cfc055f2.zip
    .zip
  • packet????????/IDAPRO.exe
    .exe windows:5 windows x64 arch:x64

    2ac23c52e7647c5bbea38e98bb68c652

  • ��~".pyc
  • packet????????/PacketV3.dll
    .dll windows:6 windows x64 arch:x64
