de0b7590d6f9448f86064b8a6f8def2d73a98b9555af605dfe21b6c355e1b1a4 | Triage

Sharing

General

Target

swat.exe
Size

39.0MB
Sample

240712-zdxmes1gjf
MD5

e8ad1b802dcb37c83ac53a914b5dd823
SHA1

85eeaac2da5ab59f2f1be41694569550b9a412bf
SHA256

de0b7590d6f9448f86064b8a6f8def2d73a98b9555af605dfe21b6c355e1b1a4
SHA512

05d98a95274893ede5a11e2b61e84492ddf2b9d6ddbabe8e357ca844e052e57e7b77c3c126d9333089cc97f43b9d5a5ae08a2fb209c97e863aab898046b43384
SSDEEP

786432:YaAVW2kJj01+l+uqgvDf81QtIJ2j6+s7LWB75zuPNAhCa00jceO/oulkI:YRW5Jj01CprQiIJ2qHWB75iV3a00wB

Score

7^/10

execution pyinstaller

Malware Config

Targets

- Target
  
  swat.exe
- Size
  
  39.0MB
- MD5
  
  e8ad1b802dcb37c83ac53a914b5dd823
- SHA1
  
  85eeaac2da5ab59f2f1be41694569550b9a412bf
- SHA256
  
  de0b7590d6f9448f86064b8a6f8def2d73a98b9555af605dfe21b6c355e1b1a4
- SHA512
  
  05d98a95274893ede5a11e2b61e84492ddf2b9d6ddbabe8e357ca844e052e57e7b77c3c126d9333089cc97f43b9d5a5ae08a2fb209c97e863aab898046b43384
- SSDEEP
  
  786432:YaAVW2kJj01+l+uqgvDf81QtIJ2j6+s7LWB75zuPNAhCa00jceO/oulkI:YRW5Jj01CprQiIJ2qHWB75iV3a00wB
Score

7^/10
- Loads dropped DLL
behavioral1
- Target
  
  swat.pyc
- Size
  
  10KB
- MD5
  
  a1007d0575aa4b33107b2d5a7e6a143b
- SHA1
  
  859824ef5100761ea3b69bdf418dc606ef6d1b1b
- SHA256
  
  95b50ca84251c447b245a3d40fba88d6fcce9b596afe5884ea5a3b82898d5191
- SHA512
  
  6ce9882d47d96949a66e773632efc3679ffce66aa6e1c8916df492724ab36b918454fe223ef978f4568c4cbebdc91a4783a360e232099f43fd196c8b3c3b3e0e
- SSDEEP
  
  192:snQXlTWzfRhE6/yNIpbYZk8FHktZFsr7nJx1dG:4QlWzfvVVYZk6EDFsHrvG
Score

3^/10

execution
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2