b01ee9e4b7e57dc0d9a0415723cbc1e7df84c90b352d9b2a716e222360961de8 | Triage

Sharing

General

Target

PySilon-malware-main.zip
Size

2.0MB
Sample

240905-pg217s1flb
MD5

3bd17906b7b10befd6290b1f09f78b0f
SHA1

e99d2bd8818d59131e912ba0cbf1bfc8777a7f57
SHA256

b01ee9e4b7e57dc0d9a0415723cbc1e7df84c90b352d9b2a716e222360961de8
SHA512

01c594e4558cfe607ecde5666467d44992c098c134aa073b8d24a1c29f9a1a21d795cd14d2bec8e16d6fba0be917116b8471318aa268fd3fc9488281107b0e17
SSDEEP

49152:AFz8ElxXSzKzKpyWkppF3wBx7+nAbnAaoZmlA:yNlxXY3pyV935enRoZmlA

Score

8^/10

discovery linux upx

Malware Config

Targets

- Target
  
  PySilon-malware-main/PySilon-linux.sh
- Size
  
  5KB
- MD5
  
  371121f4ce94ddaddc31bc515acc3711
- SHA1
  
  5f0f63683a1c7c2163410213c0f5b4b10aba5cb3
- SHA256
  
  c0eca671a36668a9f53b221ba1c96f28d879d0c36931d3d01df75f6b40f753ff
- SHA512
  
  809b242431ab3235c5c2f787ddfdf7e7bbec140f6bcb14bd2ab168c74a06e7d3137767f1410dc670f794fd058063fe002dd6f297165d5c10883ff9503b10cc93
- SSDEEP
  
  96:dRnU5upT22O4adoJKHKL0kKEcipK9pmDEKvaoGBlooYsvz5m/iRfA:dDTs4UoN0ODRaoGBlooYIz5m/itA
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  PySilon-malware-main/PySilon.bat
- Size
  
  1KB
- MD5
  
  cf398d98fb2c781a005680ff61eca5e4
- SHA1
  
  2833f41537d797d6b4434c3698ca251602be1f24
- SHA256
  
  11dcf597781ab821bae1bcbc1eeeccdf2b91f10fa4f34e9a8e441cbbd88ff08c
- SHA512
  
  f1b7b38cb8e8d4990cffc682abc26a3bd7041c2ff3791ede86978c6194e040c51e545153495b2518e68163c185c0b8eca67369102b66d0204331b81cac515d0c
Score

1^/10
behavioral5 behavioral6
- Target
  
  PySilon-malware-main/builder.py
- Size
  
  30KB
- MD5
  
  f011ab09f5e640bbf339d9edd93e2739
- SHA1
  
  cfe055600b42ed2eb3b77c3f9632301cd4c3e6dd
- SHA256
  
  443bd85e3bf8d6a5880400025047933bf58e7cccdb9f1c7585fc6932113f2fdb
- SHA512
  
  bdae087b6fa1a781805fa8a1a2b248e23226261bb4be179dcf1b762f0a1241f7d697797434f23e0820ab39b4c6156c9b4674383cdfb251ce346351132b6ee3b3
- SSDEEP
  
  768:d2PufIVSZvFWL2sthHqxFgYP0kqhvqeju:d22QEZvMLp/HqxFgYP0kqhvqei
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  PySilon-malware-main/compiler.py
- Size
  
  4KB
- MD5
  
  aadef420fde1ac41b1635c7c3ad28e5e
- SHA1
  
  ad6f209d53d39418dbc057dc432527bac5d3f40b
- SHA256
  
  0202e6c73f6bd429cb704474354898c8aad29885b058a25aca738cda75bbb69d
- SHA512
  
  f7f3c78f7a86d4414be2917ae34e35b24f9f18e1ae451a1b748fb21b6e856034f9581a4d13e5a674537180293b106a4a5efebe45e03d9ff69f500be730424194
- SSDEEP
  
  96:ODwmTAYUtPvMjoDpz0I9dwsKgwS8n151QqlrAFUetud18ZCrGOF+L6v:O6YUtPvMMDIul+tQu0qe0p+L6v
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  PySilon-malware-main/resources/discord_token_grabber.py
- Size
  
  12KB
- MD5
  
  32c812c4d73d3e3e2fb9ae35e6262dbe
- SHA1
  
  37525639cc07d60bf39ae7c50be248b7ae7832e3
- SHA256
  
  09b16591c62127f39c138f3d36537d5577042ee9349bd9bca075a0c5bb13c823
- SHA512
  
  a1f8f0e08bcfd36b6fce4c3d7e9322692e57034f918de3ff42bbc6d30fe6a59e01c52c4276235a23000e3b1f230b44224ebfc34ef466d6c410081c28bea8a139
- SSDEEP
  
  384:xP2g/IOwWb1IdsvxtMwv3tMwvQk6fi3sY5Gl4:1IHaZt7vt7YVfi3s7l4
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  PySilon-malware-main/resources/get_cookies.py
- Size
  
  5KB
- MD5
  
  9fbfdf3363bef58201cb58f8c47a5c90
- SHA1
  
  c932298a07c455b468bcae7b3fa4868aef5fda02
- SHA256
  
  50659c02385bd90d268e5c9cb39710d99dd84dc9637b1cf1eeb0413fb624f763
- SHA512
  
  98d62d0403377dc0a40a9d400bea0d394e972659be0d12360cc398681fc8f1ee3de7aefa7ab68c2fa17081e7261466e233d9760012f1c27b8f309ead964743ca
- SSDEEP
  
  96:kXFbaDLJC/3LPAsTyjHJ2uCE/Mz5ClOla+lfe:kVbsVMEakDCE/MFCsc4m
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  PySilon-malware-main/resources/libopus-0.x64.dll
- Size
  
  431KB
- MD5
  
  0e078e75ab375a38f99245b3fefa384a
- SHA1
  
  b4c2fda3d4d72c3e3294beb8aa164887637ca22a
- SHA256
  
  c84da836e8d92421ac305842cfe5a724898ed09d340d46b129e210bdc9448131
- SHA512
  
  fa838dab0a8a07ee7c370dd617073a5f795838c3518a6f79ee17d5ebc48b78cebd680e9c8cbe54f912ceb0ae6112147fb40182bcfdcc194b73aa6bab21427bfd
- SSDEEP
  
  6144:QzvQP4JEH+xiPuym+Sl1AhOtw6qIUZtvJd3dbK2lbO2miHWQAD03N3hg9/To88jC:Q6Ho+8p0IU3BW2s2miwmOLozjJ
Score

1^/10
behavioral15 behavioral16
- Target
  
  PySilon-malware-main/resources/misc.py
- Size
  
  2KB
- MD5
  
  d6a7a397e1626ba1e7346f890f31866c
- SHA1
  
  a8d2e69bb24c287232a22055e0333c6da746853f
- SHA256
  
  98c3c9e981f91b6eb10db0217a16da8c7ba0891e6ad392061d1332fe4af96742
- SHA512
  
  dfd6f95aee07e1845e0a475b8473f92d73d03927e3835facb3c9ebebacbd4d34725dd26d63419d0b6e06a999d71c22c99e2697db585e19f397d15ba747425b6e
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  PySilon-malware-main/resources/passwords_grabber.py
- Size
  
  4KB
- MD5
  
  d501b318f5df2e0c18cef8a64161326b
- SHA1
  
  8d3d44fce5a9df6fa728f6f090e0a6c239c90736
- SHA256
  
  6bae31f78fa66e73da3a5d7e7e489c4c79d36da8811fa94d5bbf052eb3d28f86
- SHA512
  
  683f2d34a12712a65a293d7b7ede3028a52ed0f5aebb6a9c18cbeafcfe769c20b07e7db2af31edb60f4ac870c2aa16a16a625270242ca6b9dbb30f740b1f6340
- SSDEEP
  
  96:D9b569f3ItMS2tdNWkOHKy0BZfnMJ6dHZdgoLHZtU5jNEYDmbVjp5t:Dl569f3wM5N/OdcZvMJ6dH/bZtUjFDGV
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  PySilon-malware-main/resources/protections.py
- Size
  
  1KB
- MD5
  
  f5f7860862ff9026ae5ef626ccbf7c59
- SHA1
  
  f0b9827394cc388ed07b9cbdb44b8aafc3b44820
- SHA256
  
  8370294651cf9164b5183033e0adaeb3fea820359f9652f06713c135cf549b59
- SHA512
  
  24553294f40b295af656ccd39efedd905d6fe9d68fb78e0b4311f22907dd1b6faf2f9f37bd41b0a163a9e85d5c6a88dbb7c54226822199c9f85efaeac68fb0e1
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  PySilon-malware-main/resources/source_code/audio_control.py
- Size
  
  3KB
- MD5
  
  6a760b020cd268cbb98d75c56a8a4862
- SHA1
  
  42361cb81b705d959c6d4107397f675467531446
- SHA256
  
  adc2207e1c6b83eb6dabb2963f1f518e7b469394871b70688c7acd26df115a92
- SHA512
  
  a95a174012ae155a1643e1d6f6333a3dbb9b5398c39602fb53ec0c5eebcb140c0b128477a23e01debe6fcfefb9b1bf8e5c1784404d0f1b44a1cf59b55f00a8b2
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  PySilon-malware-main/resources/source_code/block_input.py
- Size
  
  2KB
- MD5
  
  b70feedd80d5267aadc24132ecda5633
- SHA1
  
  1f4995eee52226ca1c2d6c54ea98900120093c88
- SHA256
  
  346216866f911ddd4a4f80ac15dcf25d3fc6a49a9024f19facc599561afc1072
- SHA512
  
  0471eb21e3ff9f99f4afb3fb174f453a9b7c7096576791fb8e23a47eba78706ccd53de6011ed3f91eccd23f187b80a56980ef2360c95285fc69d94779cac73c6
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  PySilon-malware-main/resources/source_code/bsod.py
- Size
  
  782B
- MD5
  
  97d02293e28ece94f91f3a739897e595
- SHA1
  
  328eae0fc97dcbc5949eb5d29298eecda7ae8a08
- SHA256
  
  4f2b74ea05b9d5a79323c3e035e72903bc9a8d9ad834113b21a44006583c2714
- SHA512
  
  d3fc6dac3d4a6e587246816dbeaee280a295d7633f58a127c63481d9a864ba012e06ab3ea3b90724b25835f0ca45284be333cdd90e400705b6dcdb4ecb9b71db
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  PySilon-malware-main/resources/source_code/crypto_clipper.py
- Size
  
  4KB
- MD5
  
  8e512488105128ef43b45a026c02bcb2
- SHA1
  
  3728ddbb7f1af53bd3c0a3afce4bf38e99fa7b6f
- SHA256
  
  a10f1d124d8b4d22cb0a612493c747d06209dd3a793965fda8b4de9d075ff34e
- SHA512
  
  46118eac86c291bb7e46bf1a9ea07d62388a3e09f25d79c69e08d42f3bdaf6be68dcb60d8e69936c80f97b0dddfcacc6e073a221736f808a4d744ba6aabc8864
- SSDEEP
  
  96:a1LoVOBa5ASQtCd45yO5HvgyKo/WzIRLTwM/hRBSLUrPlb/W/R//tXM/xR0:xOBa5ASQtCd4IO5Pv+0iMJXTZ+/Z/pMQ
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  PySilon-malware-main/resources/source_code/file_downloading.py
- Size
  
  4KB
- MD5
  
  d3d2c2469f0f3e335cc3bfc343aaeb0d
- SHA1
  
  3db2a71c63dda6ffbe66ddd9c101d7a0f2266be8
- SHA256
  
  58005391141c40223e90e3e6e1f98ec8ac69b9cb0c46e5fb8ec98cd646eda0dd
- SHA512
  
  ea012e34d593c32b0fdf1ef3376468bc2e40914beb476a4fd3b127eaca659e9957e936017f199bfd893e54ca07a0dcdd3b7cd6579226c0d3f91b4b6d97f5aa7a
- SSDEEP
  
  48:eYQn45DIAtaAhvOiFjjn80sUpSN4G58mVtac6uo/iftaghvrYqy5taghvj:eD4l0AhJjz8M0CG58m2h6Ygh8Egh7
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32