Resubmissions

13-07-2024 18:55

240713-xk64bstakj 10

13-07-2024 18:50

240713-xg3xhavfjb 10

General

  • Target

    samples_pcap.zip

  • Size

    20.5MB

  • MD5

    a37a8feea4cf91fe2223efd28a48e1aa

  • SHA1

    87b970c0012f7dfb630819ba3302dc87db360ffd

  • SHA256

    273ffc020f3bae8049be32d6b73371f35147f84ef19dfdad91217cdca3632d23

  • SHA512

    b402fee4ba98899312351bd4e6e2d1b6fccf5670f1ac702c5c707fa04e8c6734fda7f0ced26285557584cf2b0863b14746baa747738a5d7db042f64999571532

  • SSDEEP

    393216:kWsa0cDnk94tFL8zQSAJFn6vKDpPIbxnWqYNIuXPjr33vTvyApcn:kWswWus26SDpPI9Ujrr33v+H

Score
5/10

Malware Config

Signatures

  • YARA rule for Mozi IoT Botnet 1 IoCs

    Mozi IoT Botnet detection.

  • Detects Pyinstaller 2 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • samples_pcap.zip
    .zip

    Password: infected

  • 25af3ae9f4ebe5413b0ca1080b69b0ca.bin
    .exe windows:5 windows x64 arch:x64

    Password: infected

    809ea02d92fea89353f33279290e8c9f



  • payload.pyc
  • 25af3ae9f4ebe5413b0ca1080b69b0ca.pcap
  • decryptor.exe
    .exe windows:5 windows x64 arch:x64

    Password: infected

    809ea02d92fea89353f33279290e8c9f



  • decryptor.pyc