293e262f96eeef47489e02231c6cf7ec362b85c8dc179fb8aa2d561b9687b174 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

thumb-removebg.png

windows10-2004-x64

8

thumb-removebg.png

windows11-21h2-x64

5

Sharing

General

Target

thumb-removebg.png
Size

49KB
Sample

240825-ae2v4axcrg
MD5

b91eb61d575b84123fe4f85d31396476
SHA1

9a65234b3e3736854a1c9bb266c5651d338d39dd
SHA256

293e262f96eeef47489e02231c6cf7ec362b85c8dc179fb8aa2d561b9687b174
SHA512

22dee3c0b61d8b3d37df75fb5a1d388047d37b62a6b8c5c71cfb518523b27491fdb2bd6fbfbbfd65cac58c81434af35afb0a18976fc7dda7fb2d34ea8175502e
SSDEEP

768:6MR6VSWz4LRRaEBFMt6s6LBWh/DFyNIc4aW7bauoOSg9T3Ugq:6BSWzaYEFi6DL8h/5y6cTW7bcODVq

Score

8^/10

discovery pyinstaller

Static task

static1

Behavioral task

behavioral1

Sample

thumb-removebg.png

Resource

win10v2004-20240802-en

discovery pyinstaller

windows10-2004-x64

23 signatures

1800 seconds

Behavioral task

behavioral2

Sample

thumb-removebg.png

Resource

win11-20240802-en

windows11-21h2-x64

14 signatures

1800 seconds

Malware Config

Targets

- Target
  
  thumb-removebg.png
- Size
  
  49KB
- MD5
  
  b91eb61d575b84123fe4f85d31396476
- SHA1
  
  9a65234b3e3736854a1c9bb266c5651d338d39dd
- SHA256
  
  293e262f96eeef47489e02231c6cf7ec362b85c8dc179fb8aa2d561b9687b174
- SHA512
  
  22dee3c0b61d8b3d37df75fb5a1d388047d37b62a6b8c5c71cfb518523b27491fdb2bd6fbfbbfd65cac58c81434af35afb0a18976fc7dda7fb2d34ea8175502e
- SSDEEP
  
  768:6MR6VSWz4LRRaEBFMt6s6LBWh/DFyNIc4aW7bauoOSg9T3Ugq:6BSWzaYEFi6DL8h/5y6cTW7bcODVq
Score

8^/10

discovery pyinstaller
- Contacts a large (740) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Network Service Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypyinstaller

behavioral2

© 2018-2024

Terms | Privacy