b553cd19fefd923981b8a14685630f844f9c3ced2fc392b0fad76d216f7334da | Triage

Sharing

General

Target

protect_distribution(1).exe
Size

6.9MB
Sample

240903-fpbdsaygne
MD5

cd6074780cfaf4208d8c7b0a65bad011
SHA1

8b40ba92e46409f31186cb865f602d866fe04bd4
SHA256

b553cd19fefd923981b8a14685630f844f9c3ced2fc392b0fad76d216f7334da
SHA512

a5e02a6b52886ecda98199f27395122e5ddec03ef48954b77c9d4fd50b38f865c5474fcda1412cb5e1c287179f0c05acbbea2013d068157bdeb25fb3109f5a24
SSDEEP

196608:Ji8YzGYYmk26SF2IeoJDAIZAxjV16l93At:5ywSk1k2R6vu

Score

7^/10

execution pyinstaller

Malware Config

Targets

- Target
  
  protect_distribution(1).exe
- Size
  
  6.9MB
- MD5
  
  cd6074780cfaf4208d8c7b0a65bad011
- SHA1
  
  8b40ba92e46409f31186cb865f602d866fe04bd4
- SHA256
  
  b553cd19fefd923981b8a14685630f844f9c3ced2fc392b0fad76d216f7334da
- SHA512
  
  a5e02a6b52886ecda98199f27395122e5ddec03ef48954b77c9d4fd50b38f865c5474fcda1412cb5e1c287179f0c05acbbea2013d068157bdeb25fb3109f5a24
- SSDEEP
  
  196608:Ji8YzGYYmk26SF2IeoJDAIZAxjV16l93At:5ywSk1k2R6vu
Score

7^/10

execution
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2