Overview

overview

8

Static

static

3

web.exe

windows10-2004-x64

8

web.pyc

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    web.exe

  • Size

    7.2MB

  • Sample

    241001-zlbd6atcnf

  • MD5

    7c09e1db507e1f479849d15049cb0ffa

  • SHA1

    541fa39b69eea9019494cf9fe3c88187b5ad5373

  • SHA256

    7f0718d5946b921d9f4ceabfc50da27122fd6dba789511332092b2c108fbe33b

  • SHA512

    7a66ff9d1804b4d217ad6af83b2674fb7f2e37679e08ceaaa147d8a278beab246633956869287cbc1e7136a00b7139517adebf10cbdeaef3edff9aa2a0829a8a

  • SSDEEP

    196608:8JCeVEyXMCHGLLc54i1wN+IjXx5nDasqWQ2dTNUGql2+iITxavM:6CeVEyXMCHWUjwjx5WsqWxTwrT8U

Score
8/10
evasionpersistenceprivilege_escalationpyinstaller

Malware Config

Targets

    • Target

      web.exe

    • Size

      7.2MB

    • MD5

      7c09e1db507e1f479849d15049cb0ffa

    • SHA1

      541fa39b69eea9019494cf9fe3c88187b5ad5373

    • SHA256

      7f0718d5946b921d9f4ceabfc50da27122fd6dba789511332092b2c108fbe33b

    • SHA512

      7a66ff9d1804b4d217ad6af83b2674fb7f2e37679e08ceaaa147d8a278beab246633956869287cbc1e7136a00b7139517adebf10cbdeaef3edff9aa2a0829a8a

    • SSDEEP

      196608:8JCeVEyXMCHGLLc54i1wN+IjXx5nDasqWQ2dTNUGql2+iITxavM:6CeVEyXMCHWUjwjx5WsqWxTwrT8U

    Score
    8/10
    evasionpersistenceprivilege_escalation

    • Drops file in Drivers directory

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    behavioral1

    • Target

      web.pyc

    • Size

      3KB

    • MD5

      489942e9105638fd27f993db54069270

    • SHA1

      856465a40678549b3042135eb08e252cc8ee6883

    • SHA256

      f5bcf98de5edf7cdda2bec5e3b0aa321e020c9dadbd1fcb48cb39e5deb00bac5

    • SHA512

      8a3c6ffb077762d261633bfd322ec3bb7544d3d1b23bfcf093d91c91762583a4f90ed8f6dc781d55eb8787d991a72bf218d114a9f719e72a068445499a97ec2e

    Score
    3/10
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks