Overview

Static analysis: score 9/10

Task scores by sample and platform:
- MSS32.dll: windows7-x64 3/10, windows10-2004-x64 9/10
- granny2.dll: windows7-x64 9/10, windows10-2004-x64 3/10
- lib/Libido.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/UserDict.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/__future__.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/_socket.dll: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/_sre.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/_sre.dll: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/copy_reg.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/httplib.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/inf.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/linecache.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/mimetools.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/ntpath.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/nturl2path.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
- lib/os.pyc: windows7-x64 3/10, windows10-2004-x64 3/10
General

Target: fb927b747d772358d69e9e8cc154427c_JaffaCakes118
Size: 4.0MB
Sample: 241218-pvz4rsyrat
MD5: fb927b747d772358d69e9e8cc154427c
SHA1: 0c65b72cccbfd7cadd40e87fb50ca93a02576d06
SHA256: 39ec76a40c9ca23930ef6191263e8b613d7cf2280cc1371dc9ee3b6ea7827d24
SHA512: 5419f1ba274bf0dfcb26de989fffffac68f53920cb4f7e8ae39309a5b701523a3ec5c5440322eb7db3063701be1ac1e5aec359a5c8f443dc1d28d5e024225303
SSDEEP: 98304:M2oUe0wp73HFfpQrVqFFyYKPAUkQgTcbmDb9N4DmyHFX3hnRJw1gX1r+:DoUkBHFf+cUkF93j4DXFnZRJci+
Static task: static1

Behavioral tasks (task: sample, resource):
- behavioral1: MSS32.dll, win7-20241010-en
- behavioral2: MSS32.dll, win10v2004-20241007-en
- behavioral3: granny2.dll, win7-20240903-en
- behavioral4: granny2.dll, win10v2004-20241007-en
- behavioral5: lib/Libido.pyc, win7-20241010-en
- behavioral6: lib/Libido.pyc, win10v2004-20241007-en
- behavioral7: lib/UserDict.pyc, win7-20240903-en
- behavioral8: lib/UserDict.pyc, win10v2004-20241007-en
- behavioral9: lib/__future__.pyc, win7-20241010-en
- behavioral10: lib/__future__.pyc, win10v2004-20241007-en
- behavioral11: lib/_socket.dll, win7-20240903-en
- behavioral12: lib/_socket.dll, win10v2004-20241007-en
- behavioral13: lib/_sre.pyc, win7-20240903-en
- behavioral14: lib/_sre.pyc, win10v2004-20241007-en
- behavioral15: lib/_sre.dll, win7-20241010-en
- behavioral16: lib/_sre.dll, win10v2004-20241007-en
- behavioral17: lib/copy_reg.pyc, win7-20240903-en
- behavioral18: lib/copy_reg.pyc, win10v2004-20241007-en
- behavioral19: lib/httplib.pyc, win7-20240903-en
- behavioral20: lib/httplib.pyc, win10v2004-20241007-en
- behavioral21: lib/inf.pyc, win7-20240903-en
- behavioral22: lib/inf.pyc, win10v2004-20241007-en
- behavioral23: lib/linecache.pyc, win7-20241010-en
- behavioral24: lib/linecache.pyc, win10v2004-20241007-en
- behavioral25: lib/mimetools.pyc, win7-20241010-en
- behavioral26: lib/mimetools.pyc, win10v2004-20241007-en
- behavioral27: lib/ntpath.pyc, win7-20240708-en
- behavioral28: lib/ntpath.pyc, win10v2004-20241007-en
- behavioral29: lib/nturl2path.pyc, win7-20241023-en
- behavioral30: lib/nturl2path.pyc, win10v2004-20241007-en
- behavioral31: lib/os.pyc, win7-20240903-en
- behavioral32: lib/os.pyc, win10v2004-20241007-en
Malware Config

Targets

Target: MSS32.DLL
Size: 957KB
MD5: 01c14c4c2b8568a3e8d2004c5930fed7
SHA1: 57ca5229b6c233d407061ec1f038da34b07bdf8c
SHA256: a0ef00858d423763fa4aec6d0afa6cc9d9ebccf15717d183419f850402f2b546
SHA512: ba2395e97acf7acaf8d840b408901f0547b2c164a262e56767cea2422dd8948c6613193c3b109d776200d36d57a0f800cc0f6462d602a389ffced9e450ac4400
SSDEEP: 24576:5BBCQFgtnGyfZ1ybM0OPj9RFPGEHouQOnYsdW1CJEx3:PBCGgtGMgM/FPGa/vnYsdW1uEx3
Signatures:
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Identifies Wine through registry keys. Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Suspicious use of NtSetInformationThreadHideFromDebugger
Target: granny2.dll
Size: 361KB
MD5: 866e2e50c531d6121023488b2f13a16b
SHA1: 303d6410dd8341e49a7321de446fb7237eeabdf2
SHA256: 0f6b80bbdb68e2990e01730dee9cd26440e71fb374f296974d63c50e9497e932
SHA512: d38a745ded38d69e2d602cc15809b9f4664dd2e40ca75d5b478c0d7e9e5f4b8c5dcbe61137fe11e9c289f003fa56c68f075fcd7c9ddc1cf9c2338637d45a3d6d
SSDEEP: 6144:3LrmxvIvVP1+aS3MxRVBz46dXc5W2D91QPGEs29h:HmxYu3uRVRVs5VhWh
Score: 3/10
Target: lib/Libido.pyc
Size: 26KB
MD5: e5112b56b47b5d0e7b4280e8fb1c852c
SHA1: 3840a85041e10d445651df388e8e225f13a90afb
SHA256: 4f6493d6f09f7cc7d3b8964bb08c6f957754fbace85e0aabb4bff34e2d843886
SHA512: fa618a7becfb68ff8170155d6acf4f2878587c63026b5ce0c14a603179d1598031c2665d9fd55964813b24338d005fa68832445f67b81a8f3684dc66d489f3e9
SSDEEP: 768:WLuVaTW373Y59hN2TE1yOvHYZ05zh6bbcK:gP0L4hNOE1yOvH4uicK
Score: 3/10
Target: lib/UserDict.pyc
Size: 5KB
MD5: 1761dd489ab354134165190428f8fbf6
SHA1: 68a18a42e408e81b75a74695576051dd610a0a04
SHA256: 0a768d5dde7df1b8b76f3f7d4e95f9c3038b650a5c8afed78b56ff6777ad5877
SHA512: c49cd7d3944b73e2dbf6597ede808509f7a189f081eda5e29ba0190bc38cc1d536d52d7bd86883921f431d0b5bac21d37724c0efe99cd5c4de0ea6939ea2a5b2
SSDEEP: 96:mxTWMX5tj9bDfnlSkT6mF5dS5RKBHrew+rMMx4bkCU:wqMJtjdDPlfT3S5RKBHre5x4bkCU
Score: 3/10
Target: lib/__future__.pyc
Size: 3KB
MD5: 02466c5102c7297f86a35b80d42cd991
SHA1: 1ab83f706eb7350cc6d4d63f9d3a6dedd1a22873
SHA256: 8802b4115f2896096133c51a4764bb2e8ecc189428ddd903e1f2d1c79fc32d48
SHA512: abf21a7322bb6d2153c6636c4de1997601ae71ebc3b4f4295ddc071a80f261e35767e620ea18c9daadfec2c57ac543a131aaf97991190f6e2542bdd3bd61f5d1
Score: 3/10
Target: lib/_socket.pyd
Size: 44KB
MD5: 277ecbc077d976204f19f1bd0882d5b9
SHA1: 79a99d75615844496d13c37e19af703a13d3efef
SHA256: 7e9b1eccc0ff7f44f793bd8a5aa50d2923473fc4ccb043130549a2a4d1051e47
SHA512: d4413f15f40dd704f1e57c1ac90771470e1d2ce607fb183d1908923157b4b0eddaa4154792627a6e336dca7debc9ed18bffd197bd12544dca687bc953fd4c8b1
SSDEEP: 768:oklsvZsx92fmrl35ofhnCtMZgHsBIvALA6:ok2vZw92M35ofQAes
Score: 3/10
Target: lib/_sre.pyc
Size: 14KB
MD5: 91eceaa966c4d48a0f030e837e4ed5cc
SHA1: 6c1fbb0c07494650b8c01171ada1cd8c1bfc8f7e
SHA256: e02bd24250eaf24b88c4eda40f79a9114572d1ced2da473d9b51de3ede6958b2
SHA512: a2ed0abe510f81a010d1339509b66322daed98ba70043250af432eaa23271e9984a031be977b1561bd02aa28c58b730cf5581b0afb316a0a864188c2e41b216a
SSDEEP: 192:Wip5uPjiD4ROAQeHrG2EWawz0iWCxpy5fK/UPLhYXfptLJbvCW/r1uLlVPOkQ8QE:5p5uP+DkLihiMjG1Ols2R88L
Score: 3/10
Target: lib/_sre.pyd
Size: 52KB
MD5: 15d39b821e19c255a16c9ce1614edecb
SHA1: 081a260fb71ef6b23b947c42d5c10896970b2cba
SHA256: 14874d8efeed98feaa5449db5c7b5c0ca4d5ae6bcf91ac0efae6ab8fb8710218
SHA512: 15d490ee76e16e1a34ef769227a5d7e587e7474594eccae26a7a46d25c77038f29d35140bdf5d2bfcb07a1a65d7783a34f04f4c798398d9df45e3e6b771c157e
SSDEEP: 1536:dFENazkFByBPSkBHzjCEG5FXBFBXQqBSBViteJKat/t6ymByR:bENazkFByBPSkBTjCl5FXBFBX7BSBYtG
Score: 3/10
Target: lib/copy_reg.pyc
Size: 2KB
MD5: dd30745c8cade086fadb51b38ac23f6d
SHA1: 3b15cc32663113a32074fb2e07a7aa7ab3b01458
SHA256: b439ddd80008eafc91ead4eb876c930cfd3f91af8c43505624fb2ffbbc7f6de8
SHA512: e644a59b8587a961d3435bd194a5386da1e4329008547a8e475b3809595750609a57fdcec8477863e08020275bfd28d2ee2612b2632021a0c344721423fa2e57
Score: 3/10
Target: lib/httplib.pyc
Size: 41KB
MD5: 7dbed0981e4fb5ff105e0b1c3e5f9323
SHA1: b721f97b3d6cc3f3287d05ccacc02791b1760294
SHA256: c73d00b6f3d688259305e883292e7ba4bcbdc16cebc59454432ad28d9b9fd15f
SHA512: 4a8833e3408d78df8b134b0b66639f79706bec3d4aa069b982cc3c305ca47e97e1d817bb640d3ba669866b80677dbe232d0d5eac136b36d29554c1c223e2a8ec
SSDEEP: 768:EG3s58f2mOfVDUGJUdusYHDBXTKdV0DWyrBK/yxYD+QbUsOIabhcOuJ/S:EG3CmuDlJUdZYHDBDKdV0CyrfxrE3onL
Score: 3/10
Target: lib/inf.pyc
Size: 1B
MD5: c4ca4238a0b923820dcc509a6f75849b
SHA1: 356a192b7913b04c54574d18c28d46e6395428ab
SHA256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
SHA512: 4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a
Score: 3/10
Target: lib/linecache.pyc
Size: 3KB
MD5: 267732ad69e101b0993959e3e881cb1d
SHA1: 5528c6e14eeef47af5621179de751932f622d671
SHA256: 6f1e8eeb778cf9df356a8e0f8671f2b56897953bea1c77848585572ecaeac79d
SHA512: 0de0fb2b5387980a47435944d771a9cac5e1697b739621020f993715b41f42e6090068c82b279417ef38d7e2272cf64fa4a18f8be3cd69a2dee351a6ca58ade0
Score: 3/10
Target: lib/mimetools.pyc
Size: 8KB
MD5: a7cbb38e9c619c3a0c10dfed82942cec
SHA1: b8c04642f1755ec9ffae47b2dc9598063b6e5a4e
SHA256: 510a28ca5c46f289617b421ce42c49bb46f5150e9cbc5baac6c636fb29fd72ee
SHA512: 3b42e2e4d4fff6944e17206a4beebe3d6eb5d43fb267e5c8923ad6fac2d0ca55d276a9d22a71c64cf706eac56a462c89e5bc2ed2b97246d36a183e2ffb2b24ef
SSDEEP: 192:GNk+Ykczbn+kvoAEgcIez61wIBGL42tK/20YHJg:5+Ykczbn+kAdbIez6qIBK42tK+0YHJg
Score: 3/10
Target: lib/ntpath.pyc
Size: 13KB
MD5: e5d99efbf612906aa70335265b51282e
SHA1: 897bdc2323c946f8478fc0b3b5936a227fafaa55
SHA256: e10d48bd12451d61c4a1a81660513ad2a7502c8d4c9be6619f45975e4150b420
SHA512: ed5e42c7f1fbf132ec874a87f80c20b7b154caba5843d0bd5059a8fc1f31ecbf7e23ae809890e4f9a18a2cf32d9672505503ca824635ec3b622eaba2fed78c78
SSDEEP: 384:XFOBBBf3KC904OuN19IlGWz7yWS0YrdZ+O1PxMB5rK8gjV:w7l3WvuN19IlGW/yWSZjRxMHuL
Score: 3/10
Target: lib/nturl2path.pyc
Size: 2KB
MD5: dc348410402b59be9ad0e54c1c2bf553
SHA1: 7a111bc515a7a7991085e2e1fc3698c2b8b7b9fa
SHA256: 63c173fb4cca0dbe043c2a097af125513954e844802d291cdebf7b4b9092cd87
SHA512: b64f3a0cc930018e7498c2419f0a0e49691ee1f8df106f7bf105729f24c8f82b8db4d3dd165d2ddc9d0443bbc69f1d1573ab1d2c03b0d556ddb84884db1c4462
Score: 3/10
Target: lib/os.pyc
Size: 23KB
MD5: 2e34b81cabfe5d0a88d6cd8d8733a582
SHA1: 1ec0112301bb9b4439682f50d5a6dbd096239c26
SHA256: 27722ffe85c9f31eded94ee409d527dae21a45b958db236a4544b6be644b7517
SHA512: f61b6c11be1782c48be39165ad82560960d536a63f6959d306626ddc62d4a7ebcf46ba49779dec14df7c1e18853485df955ac8668889d6e4c27780d83d466623
SSDEEP: 384:EfV3QmcQEDFqJyKVPJPumFJ9ZKUyQp75r5lCB8LFDsL+LnwL+GLsHL1LfGLGGLqD:EtynD2NxeUhd5r5gB8LVsL+LwLhLsHLn
Score: 3/10