General
-
Target
SILENT - Bypass Alt Detection.exe
-
Size
15.4MB
-
Sample
241030-zfqlwszjfx
-
MD5
71df8799fefd10e6e0201093d296c818
-
SHA1
d11cfd7da9d1e67cb902e593bd63e0f7007c0a01
-
SHA256
83c9f73526ca6fdb791b6508ed76c345141543656cd4175f838879fa2bdf154c
-
SHA512
afa7f98ee928ac61f1a0f1dc8ec4ebcb60d77270575dce5cf91437eec151a0ad25820ee276105b34e8a20587106c7fa5b0794dcfa70205a6a6af31037c7df960
-
SSDEEP
393216:99YiRUmS63hucsXMCHWUjPodaI8ZKl86OOIHRII:99YiGmD3hrsXMb8PDIKKl8
Behavioral task
behavioral1
Sample
SILENT - Bypass Alt Detection.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
SILENT - Bypass Alt Detection.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
silent_obf_1028352774414549072_47468be2-b0e9-4037-b339-f535d489dcf4.pyc
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
silent_obf_1028352774414549072_47468be2-b0e9-4037-b339-f535d489dcf4.pyc
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
SILENT - Bypass Alt Detection.exe
-
Downloads MZ/PE file
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
-
-
Target
silent_obf_1028352774414549072_47468be2-b0e9-4037-b339-f535d489dcf4.pyc
-
Size
268KB
-
MD5
a5eb12635497dd0cc9bb32f6a4568a67
-
SHA1
0ac5108813391b7bd83427d7f39a7d5081bd1de9
-
SHA256
1a951bc2ab693fb61aac1f7df260010610008ec67d2b3bfca5d408e86b22ba3b
-
SHA512
9d603b57e58aa03384963ec859f62e23c70195193840fe7e9623c929915755ee4a69a17a3d08b54f231346d4012b470ccdb5337afa9d88701a22c8050767e056
-
SSDEEP
6144:jAQ0lx3x1Qim59Rv5bSZeHIyaCA9P3zQB7T+egjonNvG8VY3m8ooMtScktcusPbi:MDLB1Qim5995b+eHIy/A13zQB7T+egj7
Score
3/10
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution: 2
Component Object Model Hijacking: 1
Image File Execution Options Injection: 1
Privilege Escalation
Event Triggered Execution: 2
Component Object Model Hijacking: 1
Image File Execution Options Injection: 1