pysilon | de45b86d0366d623372e6bc76600ec2c4b869d744ccad6f12844d1d1383b7b96

General

Target

BoostX.exe
Size

36.2MB
Sample

250101-2wqyps1pcp
MD5

eb564d54266a2fe8c3d53f5500fb241d
SHA1

4f409ae3fbad0f569ce332c0baac7ba690003ab8
SHA256

de45b86d0366d623372e6bc76600ec2c4b869d744ccad6f12844d1d1383b7b96
SHA512

c8c675729a1f746660dae0433b5cc3ea62a8e849e81925ec898993be18140d3650056d776ea48378d611e97aae62db452a974e355931a6e6ea9a8dee69841dbb
SSDEEP

786432:7iIZYlOW8J/LXm1NqdbTOuzcY8763lXRXTa8vK1yn2CidJmU4/DI+:G1lOWqDXmqdfzE7ylhurc2HGE

Score

10^/10

Malware Config

Targets

- Target
  
  BoostX.exe
- Size
  
  36.2MB
- MD5
  
  eb564d54266a2fe8c3d53f5500fb241d
- SHA1
  
  4f409ae3fbad0f569ce332c0baac7ba690003ab8
- SHA256
  
  de45b86d0366d623372e6bc76600ec2c4b869d744ccad6f12844d1d1383b7b96
- SHA512
  
  c8c675729a1f746660dae0433b5cc3ea62a8e849e81925ec898993be18140d3650056d776ea48378d611e97aae62db452a974e355931a6e6ea9a8dee69841dbb
- SSDEEP
  
  786432:7iIZYlOW8J/LXm1NqdbTOuzcY8763lXRXTa8vK1yn2CidJmU4/DI+:G1lOWqDXmqdfzE7ylhurc2HGE
Score

9^/10

evasion execution persistence upx
- Enumerates VirtualBox DLL files
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  discord_token_grabber.pyc
- Size
  
  16KB
- MD5
  
  725de9fcbbafc763e52c1890229e95d3
- SHA1
  
  9f706ed61c350f634c1219a450680d8d943fab94
- SHA256
  
  61a871eed93301374ff8242c30e7da5ef568ba1fdd612482a0bba99583ae675f
- SHA512
  
  993ec6762f902ccd8753ce64a045717255aa63d7af58f0e38f997e4433ff302581479ef83a2bf0faba768981d2e471b01071de7373894fc506716571ba61e56a
- SSDEEP
  
  384:nGC7RYmnXavkxzG7WltcrhntQ5saa2h12VA:nGCuvk8WltcrttQ5saaCsVA
Score

3^/10
behavioral2
- Target
  
  get_cookies.pyc
- Size
  
  9KB
- MD5
  
  c9a26682b507d80f6293b7812712a656
- SHA1
  
  08717581287f9ce3ce45620b65bf9af9388bd56d
- SHA256
  
  977c728a338029209993bdea34d5476491be08fedcdc4d9810aa477e26118638
- SHA512
  
  54eeb20ea0cf309fa5eb31b3f37318e07965217f6f8adc8b1ba2cef8c7559db82792b8470f44e8989efde29b31b13e79d97c6c9a6549e765190336edbc4c02c7
- SSDEEP
  
  192:lNal3eiNis9QfUFoxJvm79F211G67+PtAhN:lJiB2lrj7jKlAhN
Score

3^/10
behavioral3
- Target
  
  misc.pyc
- Size
  
  4KB
- MD5
  
  f450829addc19ea4da350682ab197177
- SHA1
  
  d945d4aeb21e9aa3b995c05afa4ae9310427b664
- SHA256
  
  5d285150443c750bb0b68da4cc87732b81703e9665f719247a0ee62bd9482ca6
- SHA512
  
  645a11a031c4872b378201555a1c2a0aaa5537cb83d9a98028f09dbcfac527b691b8ef417b616ad2a7ce3d2920f4081fbd8dd201e83db74dacb01615510d15bb
- SSDEEP
  
  96:XSMlhlv6KPDweHPF8+VB7sHIZGhIW0vmyyZ1k93hub:iolvJ0evq+VBXZGh4vmV1kFhub
Score

3^/10
behavioral4
- Target
  
  passwords_grabber.pyc
- Size
  
  7KB
- MD5
  
  7d2e86e5d8afcff3d134f866f33d836c
- SHA1
  
  1791cfa048717d69f51c56ecf63f5047b088532d
- SHA256
  
  30c7051140e658b94573f4fd7bcdfcef0ac6e54aec22a69220632437f6f465cd
- SHA512
  
  555fb2eafcb4a9d5762608396969d635e6d260f50089e1bc949a2c37aa6531526ee8c3e365e10b88b04b5afb966d3d112e5bbcf4414e4ffef305c1fbb61dbc5b
- SSDEEP
  
  192:A114qWLfhuUIxzOK2cxDJb+XUhetovxEPz:64qWLfMtzVxDAEW7
Score

3^/10
behavioral5
- Target
  
  source_prepared.pyc
- Size
  
  149KB
- MD5
  
  85445f695501a129988e289b7738eec8
- SHA1
  
  e5c1d65ec841f59ca40d1ab47f583ae5babd9097
- SHA256
  
  ffe0bd5b19ac8a17effb432316f893f3f160848c99d2833f40fc0f2cdd3e770d
- SHA512
  
  b2841ea04662532d2ceb6287a72cb284cf69e44434cd304e3e851f0f7607e0deff4dd57cb8ba6a74492abebb4e71929591d33f8771e18733286c7071d6a634cc
- SSDEEP
  
  3072:b4c9aOOF+y2iF8oGTPZTJ0pZUYyC9IvdXzAsC6H:bj9aOOF+y58oLpdntsn
Score

3^/10
behavioral6