General

  • Target

    PrismifyrSetup.exe

  • Size

    62.0MB

  • Sample

    240930-w6cwyazapn

  • MD5

    79440ee002e61da9363e7754c0fbc5ce

  • SHA1

    7d917568ba89c6ea7cfd510bc16eafcc526aa02c

  • SHA256

    c04e5dc40f72419845165d9298c3c75524510a90e118eb5c8805aa92c9e67076

  • SHA512

    aba166805a8ebcfbbc8ca05fce577b052782629d5b7e44c493670fd647fc5d3cff23e84d77da93cdaf120a4b4935049611a4bbeb18a1a5f4d215b44528e75c59

  • SSDEEP

    786432:fMguj8Q4VfvuqFTrYuKodJNWQwod0NWIVyJf/Wyt:fiAQIHukH/dJs+d0spJz

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Run PowerShell and hide display window.

    • Hide Artifacts: Hidden Window

      Windows that would typically be displayed when an application carries out an operation can be hidden.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks