5b97e07bcbb4c4c823f61f24269c57b3c1444c373585c16ef3fe4e4b52ecddb3 | Triage

Resubmissions

04-08-2024 21:45

240804-1l3zva1ejb 10

04-08-2024 21:42

240804-1kdnkaxaql 7

04-08-2024 21:35

240804-1fbcmswhqk 7

Sharing

General

Target

TestBot.exe
Size

20.6MB
Sample

240804-1fbcmswhqk
MD5

17105864a991aa75382276e5738d7a5e
SHA1

aadaa2ae5531aaa9228c35abd482512c36010c8c
SHA256

5b97e07bcbb4c4c823f61f24269c57b3c1444c373585c16ef3fe4e4b52ecddb3
SHA512

d64f59fd3e444cadc5c91a9a83a13e9cfa900a9466c8a8688b9a7eaa37f55c49d069da240221bada2db881a73fe33288694655ca59b5b01b6edc199f2d405021
SSDEEP

393216:Zl82I8cQ8vcLX1+TtIiFA0VoRW8E5u6/pwlE2mc6+jSx:PeQL1QtIwoRW8Iu1lE2mcDK

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  TestBot.exe
- Size
  
  20.6MB
- MD5
  
  17105864a991aa75382276e5738d7a5e
- SHA1
  
  aadaa2ae5531aaa9228c35abd482512c36010c8c
- SHA256
  
  5b97e07bcbb4c4c823f61f24269c57b3c1444c373585c16ef3fe4e4b52ecddb3
- SHA512
  
  d64f59fd3e444cadc5c91a9a83a13e9cfa900a9466c8a8688b9a7eaa37f55c49d069da240221bada2db881a73fe33288694655ca59b5b01b6edc199f2d405021
- SSDEEP
  
  393216:Zl82I8cQ8vcLX1+TtIiFA0VoRW8E5u6/pwlE2mc6+jSx:PeQL1QtIwoRW8Iu1lE2mcDK
Score

7^/10
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1