51ffd199be15808a6f09a52df6b692a4721f30e94e1a245c87f939c53c1c76aa | Triage

Resubmissions

25/06/2024, 20:16

240625-y2ldmazhqd 8

25/06/2024, 20:08

240625-ywh2basglj 7

Sharing

Copy URL Twitter E-mail

General

Target

Version 5.1.2.zip
Size

17.1MB
Sample

240625-ywh2basglj
MD5

152f70b2b06a156fd602611f96d06f28
SHA1

4c46972144ea0bc3c0931f27cdc0709f70f50e3a
SHA256

51ffd199be15808a6f09a52df6b692a4721f30e94e1a245c87f939c53c1c76aa
SHA512

2f9931fdb06645bed7d6078d47545d424b21862baf486b7292ee2753f12dfa915c9e70f76a07bb9d53887d600e23aa2ebba3b9dbb3e97b6382a184639f0727f2
SSDEEP

393216:FDeBgl1IYlfltgaij5acQEqvzoy55+uxuflUcsf70:FDMg/IYNbFWkEq7oyPT4le70

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Version 5.1.2/Tron Byfron Bypass.exe
- Size
  
  17.4MB
- MD5
  
  88e75e1507093216973222e98fb58b97
- SHA1
  
  c12b3b5b178d67645d0cf08c5b47d67213bf09cd
- SHA256
  
  cfe21789f1ebeaf24bdb7390f02413c8f05733a1f79eca3092dae33e7202d5dc
- SHA512
  
  427d68d2de027a2698bf8f5ecf515b43f17cbaa1063da2a1dfb79e19f842f71e76d14bef028b53bb222140637cc68e4b86d87abc5d59ba4519a30b9573f4fe1e
- SSDEEP
  
  393216:8HyDd0kk3meBcGfdqaHW8p2EJcPuXktgjSE:8SR0kaT5FPW8p2E2ntHE
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2