General

  • Target

    PyWare.exe

  • Size

    28.9MB

  • Sample

    240712-c2pkdsveqn

  • MD5

    37f264d6804fba919bcd4ead24217a2c

  • SHA1

    d62991b70534a98369370b9a695c26f0f6b48deb

  • SHA256

    fc832a662afc57f6e5e832cc3260c3460cc22c5e1af1da1ffb11c28a98aba690

  • SHA512

    0775b344ec7ff65cc65ff9d1c683db83b5e8809470f74049a17a2f025c89ffa0346999fffc38b3e98668b0cf777910906a5727ab809365fa1b3679dc027f2eb3

  • SSDEEP

    786432:y5B+KU1h/JyVmIGrtMIDc/SKduUetISVwFow/0391pmar0ScuVaz:yIjxyVxUtMIDkDdWwFow8t1Qarm

Score
7/10

Targets

    • Target

      PyWare.exe


    Score
    7/10
    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      PyWare.pyc

    • Size

      8KB

    • MD5

      c949c7f554d996a7e905e7bcbc99c167

    • SHA1

      d0c434bfe86651cc6651740eaf6a35d63ecf445c

    • SHA256

      a940f1c101b0c0c03f945e480e0baf9276d04dab9d404d17098fd4ab6b085d20

    • SHA512

      2ceed4a5d8339591c69e7d3be7aba03672a1f8772504cf1ed5508d5ffc3dcdf17079ca63b1643265a645572d9c0a694761a837e17c6e19e96f0588c0054b0eab

    • SSDEEP

      96:NnfdxvNkTiA016xLMFmhNehJCYr0Jn6ZZsN9oan2xg2TubTMgRZk7Bgm8Qfb/2:Fl3km16xWm+gUrsN9Rn2bT0Cl8Qfr2

    Score
    3/10
