a1c7e8b72c3e544d318765602ce0fd9a039abdaa9d16aeb21b967dcafd6e4a45 | Triage

Sharing

General

Target

a1c7e8b72c3e544d318765602ce0fd9a039abdaa9d16aeb21b967dcafd6e4a45
Size

8.8MB
Sample

240808-hp5nqs1bpl
MD5

4bc2c30628477e0f313e5127687eba5b
SHA1

d725e50acd754dee9c57b184900f9e0c7ba46a49
SHA256

a1c7e8b72c3e544d318765602ce0fd9a039abdaa9d16aeb21b967dcafd6e4a45
SHA512

73e2f06cafbc44f9de10f0abfaba3e3dd9206d48daea65be321854f0bf267d25707bcae175356661eccd3e151b538ea9ef26f47c9118df3d9016d976e7982a13
SSDEEP

196608:ixypbQA1HeT39Iigw1xeE9TFa0Z8DOjCdylVSEFSQpgKzioz:UMbp1+TtIiFmY9Z8D8Cclsw5W4nz

Score

9^/10

evasion pyinstaller

Malware Config

Targets

- Target
  
  a1c7e8b72c3e544d318765602ce0fd9a039abdaa9d16aeb21b967dcafd6e4a45
- Size
  
  8.8MB
- MD5
  
  4bc2c30628477e0f313e5127687eba5b
- SHA1
  
  d725e50acd754dee9c57b184900f9e0c7ba46a49
- SHA256
  
  a1c7e8b72c3e544d318765602ce0fd9a039abdaa9d16aeb21b967dcafd6e4a45
- SHA512
  
  73e2f06cafbc44f9de10f0abfaba3e3dd9206d48daea65be321854f0bf267d25707bcae175356661eccd3e151b538ea9ef26f47c9118df3d9016d976e7982a13
- SSDEEP
  
  196608:ixypbQA1HeT39Iigw1xeE9TFa0Z8DOjCdylVSEFSQpgKzioz:UMbp1+TtIiFmY9Z8D8Cclsw5W4nz
Score

9^/10

evasion
- Enumerates VirtualBox DLL files
- Looks for VirtualBox drivers on disk
  evasion
- Looks for VirtualBox executables on disk
- Looks for VMWare drivers on disk
  evasion
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

File and Directory Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2