General

  • Target: test.exe
  • Size: 17.9MB
  • Sample: 241106-1pfzgs1jhq
  • MD5: 157978c2e12f0e75372471a25eb68f6d
  • SHA1: daf64207449bb6dc8305e023d8417e632e596880
  • SHA256: ad09ea73cbf0743407747b384ab20857effd581b8823831babcf2d7e5375b31b
  • SHA512: 0d9d2826eaad6652c4dcaa4d077032adcaf625ab73a90f117502981201b1b827db480bf8030b472ace11b682eeb0435605c863f0823e8c628a15442ca56ba12d
  • SSDEEP: 393216:2qPnLFXlrzQMDOETgsvfGXg1vvEypyVQ+fqo:bPLFXNzQREms0RV6o

Malware Config

Targets

    • Target: test.exe
    • Size: 17.9MB
    • MD5: 157978c2e12f0e75372471a25eb68f6d
    • SHA1: daf64207449bb6dc8305e023d8417e632e596880
    • SHA256: ad09ea73cbf0743407747b384ab20857effd581b8823831babcf2d7e5375b31b
    • SHA512: 0d9d2826eaad6652c4dcaa4d077032adcaf625ab73a90f117502981201b1b827db480bf8030b472ace11b682eeb0435605c863f0823e8c628a15442ca56ba12d
    • SSDEEP: 393216:2qPnLFXlrzQMDOETgsvfGXg1vvEypyVQ+fqo:bPLFXNzQREms0RV6o

    Signatures

    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.
    • Adds Run key to start application
    • Legitimate hosting services abused for malware hosting/C2
    • UPX packed file
      Detects executables packed with UPX or a modified UPX open source packer.

    • Target: main.pyc
    • Size: 7KB
    • MD5: 2d5d03c40cd5fb0edd9100c45fc40708
    • SHA1: 5b264f63af39b6b81ace8ae45746918c0ce7a810
    • SHA256: c801b0f29f43368b3b499ee3cb700f0116af3a98caa63825c236fe62c58e8b1e
    • SHA512: 3e34529ddffad02ec9644b26887036eba3c69743f79b27f3073451c53e6596abc5d17eec8dd41d1a02237dafbcbb27920a3058b885651d236fc690edc925cb96
    • SSDEEP: 192:wWPWEkJGY4D8qp6WdXw+8K3uNdMoFQJhw5sMdwMsnw:dSJfWu+8RNdt026PMsw

    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks