Overview: 10
Static: 10
Samppimafia.exe (windows7-x64): 7
Samppimafia.exe (windows10-2004-x64): 9
discord_to...er.pyc (windows7-x64): 3
discord_to...er.pyc (windows10-2004-x64): 3
get_cookies.pyc (windows7-x64): 3
get_cookies.pyc (windows10-2004-x64): 3
misc.pyc (windows7-x64): 3
misc.pyc (windows10-2004-x64): 3
passwords_grabber.pyc (windows7-x64): 3
passwords_grabber.pyc (windows10-2004-x64): 3
source_prepared.pyc (windows7-x64): 3
source_prepared.pyc (windows10-2004-x64): 3

Resubmissions
25/11/2024, 19:07    241125-xsxvma1nfz    10
25/11/2024, 19:04    241125-xqyddaxphn    10
25/11/2024, 16:22    241125-tvbtdsvqc1    10
25/11/2024, 16:17    241125-trtj2a1qfk    10

Analysis
- max time kernel: 29s
- max time network: 16s
- platform: windows7_x64
- resource: win7-20241010-en
- resource tags: arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
- submitted: 25/11/2024, 16:17
Behavioral tasks
behavioral1     Sample: Samppimafia.exe              Resource: win7-20241010-en
behavioral2     Sample: Samppimafia.exe              Resource: win10v2004-20241007-en
behavioral3     Sample: discord_token_grabber.pyc    Resource: win7-20240708-en
behavioral4     Sample: discord_token_grabber.pyc    Resource: win10v2004-20241007-en
behavioral5     Sample: get_cookies.pyc              Resource: win7-20240903-en
behavioral6     Sample: get_cookies.pyc              Resource: win10v2004-20241007-en
behavioral7     Sample: misc.pyc                     Resource: win7-20240903-en
behavioral8     Sample: misc.pyc                     Resource: win10v2004-20241007-en
behavioral9     Sample: passwords_grabber.pyc        Resource: win7-20240729-en
behavioral10    Sample: passwords_grabber.pyc        Resource: win10v2004-20241007-en
behavioral11    Sample: source_prepared.pyc          Resource: win7-20241010-en
behavioral12    Sample: source_prepared.pyc          Resource: win10v2004-20241007-en
General
- Target: Samppimafia.exe
- Size: 102.9MB
- MD5: e5d776d0a738f622496507a407bd31a8
- SHA1: 379fc39a0b331b9892a886bef75b7d2f5f656816
- SHA256: 8ee9f9af08c9c58408503c08604f1af166620267e9e09f800c05e3257b5c147b
- SHA512: 46d427f5e8bc35d7ac1677add6e84461a12bd2fdb6b2398518341cba6c6f11c703d77c7490a5e2e23af258b2391ce831d130eda2170fc527081fcba549626877
- SSDEEP: 3145728:AnG2r7rS6xjKcBanL2qHO5iVAunGQbRe0zJcBVPZ2:vgnSWNaBHCin1XcBa
Malware Config
Signatures
- Loads dropped DLL (1 IoCs)
  pid     Process
  2076    Samppimafia.exe
- Suspicious use of WriteProcessMemory (3 IoCs)
  description                          pid     Process            procid_target
  PID 2700 wrote to memory of 2076     2700    Samppimafia.exe    30
  PID 2700 wrote to memory of 2076     2700    Samppimafia.exe    30
  PID 2700 wrote to memory of 2076     2700    Samppimafia.exe    30
Processes
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 6.6MB
- MD5: b243d61f4248909bc721674d70a633de
- SHA1: 1d2fb44b29c4ac3cfd5a7437038a0c541fce82fc
- SHA256: 93488fa7e631cc0a2bd808b9eee8617280ee9b6ff499ab424a1a1cbf24d77dc7
- SHA512: 10460c443c7b9a6d7e39ad6e2421b8ca4d8329f1c4a0ff5b71ce73352d2e9438d45f7d59edb13ce30fad3b4f260bd843f4d9b48522d448310d43e0988e075fcb