General

  • Target: PySilon-malware-3.7.5 (2).zip
  • Size: 27.3MB
  • Sample: 240806-26nakatdnr
  • MD5: 6299e5719747d4fd91c3ffc700b27bd7
  • SHA1: 1c11cb42397ec11456ab73aed19423f00fdd09fb
  • SHA256: 2757fa3287b7c4ebbe244efdf36758c50f961226c4b35d61b8e9926f793a6a16
  • SHA512: fabbaac16e31514408b01ac8e55fe2731735b52a36e4986682b7f928489787b3482521aaab5cc83fb1e4d9b34eef6322f06648d6b6b60201cc26e2b626a9fd9d
  • SSDEEP: 786432:mD8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJr5JFjk6:mLKWu4UVGbS/r2fL6tJrThD

Score: 8/10

Targets

  • Target: PySilon-malware-3.7.5 (2).zip
    Size: 27.3MB
    MD5: 6299e5719747d4fd91c3ffc700b27bd7
    SHA1: 1c11cb42397ec11456ab73aed19423f00fdd09fb
    SHA256: 2757fa3287b7c4ebbe244efdf36758c50f961226c4b35d61b8e9926f793a6a16
    SHA512: fabbaac16e31514408b01ac8e55fe2731735b52a36e4986682b7f928489787b3482521aaab5cc83fb1e4d9b34eef6322f06648d6b6b60201cc26e2b626a9fd9d
    SSDEEP: 786432:mD8QQbWu4p2VP+TP1dnSV+e/SJaVPe/p3VL6tJr5JFjk6:mLKWu4UVGbS/r2fL6tJrThD
    Score: 1/10

  • Target: PySilon-malware-3.7.5/PySilon-linux.sh
    Size: 5KB
    MD5: 371121f4ce94ddaddc31bc515acc3711
    SHA1: 5f0f63683a1c7c2163410213c0f5b4b10aba5cb3
    SHA256: c0eca671a36668a9f53b221ba1c96f28d879d0c36931d3d01df75f6b40f753ff
    SHA512: 809b242431ab3235c5c2f787ddfdf7e7bbec140f6bcb14bd2ab168c74a06e7d3137767f1410dc670f794fd058063fe002dd6f297165d5c10883ff9503b10cc93
    SSDEEP: 96:dRnU5upT22O4adoJKHKL0kKEcipK9pmDEKvaoGBlooYsvz5m/iRfA:dDTs4UoN0ODRaoGBlooYIz5m/itA
    Score: 1/10

  • Target: PySilon-malware-3.7.5/PySilon.bat
    Size: 1KB
    MD5: cf398d98fb2c781a005680ff61eca5e4
    SHA1: 2833f41537d797d6b4434c3698ca251602be1f24
    SHA256: 11dcf597781ab821bae1bcbc1eeeccdf2b91f10fa4f34e9a8e441cbbd88ff08c
    SHA512: f1b7b38cb8e8d4990cffc682abc26a3bd7041c2ff3791ede86978c6194e040c51e545153495b2518e68163c185c0b8eca67369102b66d0204331b81cac515d0c
    Score: 1/10

  • Target: PySilon-malware-3.7.5/builder.py
    Size: 30KB
    MD5: f011ab09f5e640bbf339d9edd93e2739
    SHA1: cfe055600b42ed2eb3b77c3f9632301cd4c3e6dd
    SHA256: 443bd85e3bf8d6a5880400025047933bf58e7cccdb9f1c7585fc6932113f2fdb
    SHA512: bdae087b6fa1a781805fa8a1a2b248e23226261bb4be179dcf1b762f0a1241f7d697797434f23e0820ab39b4c6156c9b4674383cdfb251ce346351132b6ee3b3
    SSDEEP: 768:d2PufIVSZvFWL2sthHqxFgYP0kqhvqeju:d22QEZvMLp/HqxFgYP0kqhvqei
    Score: 3/10

  • Target: PySilon-malware-3.7.5/compiler.py
    Size: 4KB
    MD5: aadef420fde1ac41b1635c7c3ad28e5e
    SHA1: ad6f209d53d39418dbc057dc432527bac5d3f40b
    SHA256: 0202e6c73f6bd429cb704474354898c8aad29885b058a25aca738cda75bbb69d
    SHA512: f7f3c78f7a86d4414be2917ae34e35b24f9f18e1ae451a1b748fb21b6e856034f9581a4d13e5a674537180293b106a4a5efebe45e03d9ff69f500be730424194
    SSDEEP: 96:ODwmTAYUtPvMjoDpz0I9dwsKgwS8n151QqlrAFUetud18ZCrGOF+L6v:O6YUtPvMMDIul+tQu0qe0p+L6v
    Score: 3/10

  • Target: PySilon-malware-3.7.5/python-3.12.4-amd64.exe
    Size: 25.5MB
    MD5: f3df1be26cc7cbd8252ab5632b62d740
    SHA1: 3b1f54802b4cb8c02d1eb78fc79f95f91e8e49e4
    SHA256: da5809df5cb05200b3a528a186f39b7d6186376ce051b0a393f1ddf67c995258
    SHA512: 2f9a11ffae6d9f1ed76bf816f28812fcba71f87080b0c92e52bfccb46243118c5803a7e25dd78003ca7d66501bfcdce8ff7c691c63c0038b0d409ca3842dcc89
    SSDEEP: 786432:zRd0l0X/46+nq1rcVqA5Z2bQcLsv0GlYrJF55e2nRk:L5P46+q1QTILMKB5e2nRk
    Score: 4/10

  • Target: PySilon-malware-3.7.5/resources/discord_token_grabber.py
    Size: 12KB
    MD5: 32c812c4d73d3e3e2fb9ae35e6262dbe
    SHA1: 37525639cc07d60bf39ae7c50be248b7ae7832e3
    SHA256: 09b16591c62127f39c138f3d36537d5577042ee9349bd9bca075a0c5bb13c823
    SHA512: a1f8f0e08bcfd36b6fce4c3d7e9322692e57034f918de3ff42bbc6d30fe6a59e01c52c4276235a23000e3b1f230b44224ebfc34ef466d6c410081c28bea8a139
    SSDEEP: 384:xP2g/IOwWb1IdsvxtMwv3tMwvQk6fi3sY5Gl4:1IHaZt7vt7YVfi3s7l4
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/get_cookies.py
    Size: 5KB
    MD5: 9fbfdf3363bef58201cb58f8c47a5c90
    SHA1: c932298a07c455b468bcae7b3fa4868aef5fda02
    SHA256: 50659c02385bd90d268e5c9cb39710d99dd84dc9637b1cf1eeb0413fb624f763
    SHA512: 98d62d0403377dc0a40a9d400bea0d394e972659be0d12360cc398681fc8f1ee3de7aefa7ab68c2fa17081e7261466e233d9760012f1c27b8f309ead964743ca
    SSDEEP: 96:kXFbaDLJC/3LPAsTyjHJ2uCE/Mz5ClOla+lfe:kVbsVMEakDCE/MFCsc4m
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/libopus-0.x64.dll
    Size: 431KB
    MD5: 0e078e75ab375a38f99245b3fefa384a
    SHA1: b4c2fda3d4d72c3e3294beb8aa164887637ca22a
    SHA256: c84da836e8d92421ac305842cfe5a724898ed09d340d46b129e210bdc9448131
    SHA512: fa838dab0a8a07ee7c370dd617073a5f795838c3518a6f79ee17d5ebc48b78cebd680e9c8cbe54f912ceb0ae6112147fb40182bcfdcc194b73aa6bab21427bfd
    SSDEEP: 6144:QzvQP4JEH+xiPuym+Sl1AhOtw6qIUZtvJd3dbK2lbO2miHWQAD03N3hg9/To88jC:Q6Ho+8p0IU3BW2s2miwmOLozjJ
    Score: 1/10

  • Target: PySilon-malware-3.7.5/resources/misc.py
    Size: 2KB
    MD5: d6a7a397e1626ba1e7346f890f31866c
    SHA1: a8d2e69bb24c287232a22055e0333c6da746853f
    SHA256: 98c3c9e981f91b6eb10db0217a16da8c7ba0891e6ad392061d1332fe4af96742
    SHA512: dfd6f95aee07e1845e0a475b8473f92d73d03927e3835facb3c9ebebacbd4d34725dd26d63419d0b6e06a999d71c22c99e2697db585e19f397d15ba747425b6e
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/passwords_grabber.py
    Size: 4KB
    MD5: d501b318f5df2e0c18cef8a64161326b
    SHA1: 8d3d44fce5a9df6fa728f6f090e0a6c239c90736
    SHA256: 6bae31f78fa66e73da3a5d7e7e489c4c79d36da8811fa94d5bbf052eb3d28f86
    SHA512: 683f2d34a12712a65a293d7b7ede3028a52ed0f5aebb6a9c18cbeafcfe769c20b07e7db2af31edb60f4ac870c2aa16a16a625270242ca6b9dbb30f740b1f6340
    SSDEEP: 96:D9b569f3ItMS2tdNWkOHKy0BZfnMJ6dHZdgoLHZtU5jNEYDmbVjp5t:Dl569f3wM5N/OdcZvMJ6dH/bZtUjFDGV
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/protections.py
    Size: 1KB
    MD5: f5f7860862ff9026ae5ef626ccbf7c59
    SHA1: f0b9827394cc388ed07b9cbdb44b8aafc3b44820
    SHA256: 8370294651cf9164b5183033e0adaeb3fea820359f9652f06713c135cf549b59
    SHA512: 24553294f40b295af656ccd39efedd905d6fe9d68fb78e0b4311f22907dd1b6faf2f9f37bd41b0a163a9e85d5c6a88dbb7c54226822199c9f85efaeac68fb0e1
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/source_code/audio_control.py
    Size: 3KB
    MD5: 6a760b020cd268cbb98d75c56a8a4862
    SHA1: 42361cb81b705d959c6d4107397f675467531446
    SHA256: adc2207e1c6b83eb6dabb2963f1f518e7b469394871b70688c7acd26df115a92
    SHA512: a95a174012ae155a1643e1d6f6333a3dbb9b5398c39602fb53ec0c5eebcb140c0b128477a23e01debe6fcfefb9b1bf8e5c1784404d0f1b44a1cf59b55f00a8b2
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/source_code/block_input.py
    Size: 2KB
    MD5: b70feedd80d5267aadc24132ecda5633
    SHA1: 1f4995eee52226ca1c2d6c54ea98900120093c88
    SHA256: 346216866f911ddd4a4f80ac15dcf25d3fc6a49a9024f19facc599561afc1072
    SHA512: 0471eb21e3ff9f99f4afb3fb174f453a9b7c7096576791fb8e23a47eba78706ccd53de6011ed3f91eccd23f187b80a56980ef2360c95285fc69d94779cac73c6
    Score: 3/10

  • Target: PySilon-malware-3.7.5/resources/source_code/bsod.py
    Size: 782B
    MD5: 97d02293e28ece94f91f3a739897e595
    SHA1: 328eae0fc97dcbc5949eb5d29298eecda7ae8a08
    SHA256: 4f2b74ea05b9d5a79323c3e035e72903bc9a8d9ad834113b21a44006583c2714
    SHA512: d3fc6dac3d4a6e587246816dbeaee280a295d7633f58a127c63481d9a864ba012e06ab3ea3b90724b25835f0ca45284be333cdd90e400705b6dcdb4ecb9b71db
    Score: 3/10

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • System Information Discovery (T1082): 10
  • System Location Discovery (T1614): 11
  • System Language Discovery (T1614.001): 11
  • Query Registry (T1012): 1

Tasks

  • static1: upx, Score 8/10
  • behavioral1: Score 1/10
  • behavioral2: Score 1/10
  • behavioral3: Score 1/10
  • behavioral4: Score 1/10
  • behavioral5: Score 1/10
  • behavioral6: Score 1/10
  • behavioral7: Score 1/10
  • behavioral8: Score 1/10
  • behavioral9: discovery, Score 3/10
  • behavioral10: Score 3/10
  • behavioral11: discovery, Score 3/10
  • behavioral12: Score 3/10
  • behavioral13: discovery, Score 4/10
  • behavioral14: discovery, Score 4/10
  • behavioral15: discovery, Score 3/10
  • behavioral16: Score 3/10
  • behavioral17: discovery, Score 3/10
  • behavioral18: Score 3/10
  • behavioral19: Score 1/10
  • behavioral20: Score 1/10
  • behavioral21: discovery, Score 3/10
  • behavioral22: Score 3/10
  • behavioral23: discovery, Score 3/10
  • behavioral24: Score 3/10
  • behavioral25: discovery, Score 3/10
  • behavioral26: Score 3/10
  • behavioral27: discovery, Score 3/10
  • behavioral28: Score 3/10
  • behavioral29: discovery, Score 3/10
  • behavioral30: Score 3/10
  • behavioral31: discovery, Score 3/10
  • behavioral32: Score 3/10