General

  • Target: zorix4.5.exe
  • Size: 15.8MB
  • Sample: 240726-txwatasgjh
  • MD5: d4c4b51d984399b029e2ed19a7080a01
  • SHA1: d3b237f6efbfabda814468fc4a6b440084dad1bc
  • SHA256: 8358beb91036833120ab8e0f8f8f061edb27bdb66c1064e379aa603be0e3dc45
  • SHA512: 70f807b1038d338b6c388267f50577a2b5a18a703998006be08f2454ef7bb326cd02d76bcaed565a2b024f8e68ef6d7d9471d39835f33908318301005eeee25e
  • SSDEEP: 393216:naqszf490RQETSTqcvJJaHW8p24e985AfIrXF:dszfm0RQEWTqchCW8p2RP8F

Targets

    • Target: zorix4.5.exe
    • Size: 15.8MB

    Score: 7/10
    • Loads dropped DLL
    • Legitimate hosting services abused for malware hosting/C2
    • Drops file in System32 directory
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: main.pyc
    • Size: 40KB
    • MD5: 94e9e507be572683229b3e6e07e5d272
    • SHA1: 7cb13c249ce90a1c97e4b6df08f4c909f9815604
    • SHA256: f86d89730c5673904a31c3ded557d684ec624ef4ed17551eb7c59a7a6352a799
    • SHA512: 1a5f5a9d7ad68f6cc8dc53d9623e8ceaea8728dd65eab5b7ed8dad9c222b4b569b1ba3855d8497d49ff56efacfa3d0ad4b750ee09e1adf3dc229e723baf6b334
    • SSDEEP: 768:DHsQnKWKmmJhpqxVjhu3EYvslSU11Jqv5P2o65zZxf:DMQuRGLDY0JDO5P2oozvf

    Score: 3/10
