pysilon | 4940155370f9966aa10eb0bb3b2948803b07b65e16e704664beb54eb29f49134

Sharing

Copy URL

Twitter E-mail

General

Target

source_prepared.exe
Size

39.8MB
Sample

241024-wf87fsvame
MD5

101c32603ee828fdffdfd9cb5c215b69
SHA1

b7cdce760b0078be7ba4f1097b527fb1b9b2e8e1
SHA256

4940155370f9966aa10eb0bb3b2948803b07b65e16e704664beb54eb29f49134
SHA512

734f551ed87ea71b2d36e3fe4b968e4f7b2fc77b3591c7a48d541c67e6d7bb1577a87d2415b2ff399988b3276705a29e1b6ac5567c15cec8549fd86b96f3348d
SSDEEP

786432:rz9Yidh4jVl8ZLW8aN3hr+b0vN2j6+s7LWB75zuOOoj1Od9NhSH5SIsDV+DXbU:X9J4kLWr3hr+bq2qHWB75i2jYSwIuViX

Score

10^/10

Malware Config

Targets

- Target
  
  source_prepared.exe
- Size
  
  39.8MB
- MD5
  
  101c32603ee828fdffdfd9cb5c215b69
- SHA1
  
  b7cdce760b0078be7ba4f1097b527fb1b9b2e8e1
- SHA256
  
  4940155370f9966aa10eb0bb3b2948803b07b65e16e704664beb54eb29f49134
- SHA512
  
  734f551ed87ea71b2d36e3fe4b968e4f7b2fc77b3591c7a48d541c67e6d7bb1577a87d2415b2ff399988b3276705a29e1b6ac5567c15cec8549fd86b96f3348d
- SSDEEP
  
  786432:rz9Yidh4jVl8ZLW8aN3hr+b0vN2j6+s7LWB75zuOOoj1Od9NhSH5SIsDV+DXbU:X9J4kLWr3hr+bq2qHWB75i2jYSwIuViX
Score

9^/10

evasion execution persistence
- Enumerates VirtualBox DLL files
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  discord_token_grabber.pyc
- Size
  
  8KB
- MD5
  
  6b2aaa23f9b67dca5fa0efd9d96e9060
- SHA1
  
  07293442aa33cbc0afc1b69af287b1fede2e9a70
- SHA256
  
  f49ba791814001b3d4101685bfebb635cdaf3103407a08171bb5d6bbe3e79c77
- SHA512
  
  bcd7b41e7758b30954b0e24db5d53d3d904b6c4b9a5105bd33e5dddddb310614cc09a028d0cd8ccb6a272ce5eba0e9142a1cc36ec848b54fb99b695752b5e20d
- SSDEEP
  
  192:ESB7osP1MJaugwXaafNqaclHJLOq3ZJFD/b8xjJzdJv:TP1iavwTqacyq35D0Fnv
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  get_cookies.pyc
- Size
  
  5KB
- MD5
  
  2754e3152f668e31fccca7b6f275716b
- SHA1
  
  e9ed74d679a96372c4457e72bc6639a4d96a2378
- SHA256
  
  f7e8a57b54489b5b3de66a1d21534ced3d2a2fb1ce8d03c69d4672e62aa00dca
- SHA512
  
  a8331f1c179ed97e6f3821cd41953a5ef8a0b63b6d39022cd3f7980494eff8f00b4367301509014e83c410ed4a6db8e4441f8f3547b682aca250bc4fa29f0f47
- SSDEEP
  
  96:STUBj1Mvk80VDdybA6HUicwKD7dxWeBJKZLpMglcTK94:wsSl0fQfUpwKfhijMgGW94
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  misc.pyc
- Size
  
  2KB
- MD5
  
  bcb404423ac51f798753e8d11e401071
- SHA1
  
  9080018dae3aa157e3a97904c86af06d4a0a6873
- SHA256
  
  572b18ccb1838f23714fae1c8cbb399a08796b1eb846960d5463d40ee784fe5a
- SHA512
  
  25a2997cff19308956086ae4e464f5039e53149043f094f2a65dae4dfa78b6410650a3c4d1514511f23c6bf77228772fa7b8a3cf5119e4ed46edb65ac40ff800
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  passwords_grabber.pyc
- Size
  
  4KB
- MD5
  
  8b9cbd29c3dfec519a4313b1b7a0069b
- SHA1
  
  5efb073593bc8908a7514dad78673c9d65344a6f
- SHA256
  
  589d438226abfec8f71ab7724c68011303f82febb6786fd0c57571b0769764f3
- SHA512
  
  c0099bcf2d23dd405b2e02e1fd1b946195015eabb1cbd2ce4896f1ab7e5bbc1fbe6600fa529087b5dc295c13219fb6bc1a6ac97efa4c0fc74901f70278c09bfd
- SSDEEP
  
  96:2APDnTWeYwDTgWxiX79GzTOjYUyWkUUNPIslLClDWJpR6Yn:TzCUDxiLATmeEUNP/lL3JpsYn
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  source_prepared.pyc
- Size
  
  57KB
- MD5
  
  6a06874585a34858255726459751fb8a
- SHA1
  
  a327c28a245455619353a88213f5b3fef54a22a3
- SHA256
  
  982ccc5ae066ce321d62d02d5857c705b164357d8bab8bc3642b1323912ec723
- SHA512
  
  e5836421b5c0cf2a91daab0a6ec4d91cddbbba9ec801d3f39a040274941ca057a9161f9ccab40a3acee07b175778b3652dc90981bbf80031ea65c3164632d213
- SSDEEP
  
  768:wvFNqlgJ+zw6yRiNtJj5kQfxEoedZlk2xNT9mCCPA7dKL/oEUJqABC/PNz4XJ:w9mgQmiLdfxxCk2xNEspI/oPBEWXJ
Score

3^/10

discovery
behavioral11 behavioral12