General

  • Target

    241219-wj42xaxjfx_pw_infected.zip

  • Size

    106.9MB

  • MD5

    ad10a18a79967d6551ab4b83106aabd7

  • SHA1

    abf9b131b9302226496f8e54ff0b71aaa9fb3ec0

  • SHA256

    3ed0426d82cc43291d65ba3aa78229c82923c8cf582bc041145f8c6e0155cba3

  • SHA512

    fb9ae9aeb0f66bc889f7a0454494584ff8d3eea1ba2aa5891f4987716b119fce91ccc2ef2d4540c3fdc3187d27067f3a1a973c06fd32b183abc46cfbd4f6c2ce

  • SSDEEP

    3145728:VlUotx+TGylz2q+/wfjcAL3CXIYOs3WA+MMBf/TPwD1k+HAosz1YjxD:Vlntx+/lz2Pw3CX33WAre/T4KzqlD

Score
10/10

Malware Config

Signatures

  • Detect Pysilon 1 IoCs
  • Pysilon family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 241219-wj42xaxjfx_pw_infected.zip
    .zip

    Password: infected

  • source_prepared.exe
    .exe windows:6 windows x64 arch:x64

    Password: infected

    a06f302f71edd380da3d5bf4a6d94ebd


  • discord_token_grabber.pyc
  • get_cookies.pyc
  • misc.pyc
  • passwords_grabber.pyc
  • protections.pyc
  • source_prepared.pyc