pysilon | 75a34c87a0c64e0a787c8f35de6d0ff4d8af7f982de752935b1cf0230c55a36a | Triage

Sharing

General

Target

source_prepared.exe
Size

102.7MB
Sample

250105-s3p6bazqfr
MD5

fca1869ef15f7be1ca0ff2fb6f640084
SHA1

ab7dd494d598d310a0430f51714fe79db839ca1a
SHA256

75a34c87a0c64e0a787c8f35de6d0ff4d8af7f982de752935b1cf0230c55a36a
SHA512

b88b1740e36ab83b6aed3c099dda8e3ace17772ee6ca72a832733e6943a96453a1d14e5413feeabe35743ab256effabba306e8296d5590e496ef40dd014dc970
SSDEEP

3145728:I3nerCRrS6xjKcBa6a2qHO5iVzgE6nGQbRe0zJcBJCkO8:2eWZSWNa6qHCidc1XcBJCw

Score

10^/10

pysilon execution pyinstaller

Malware Config

Targets

- Target
  
  source_prepared.exe
- Size
  
  102.7MB
- MD5
  
  fca1869ef15f7be1ca0ff2fb6f640084
- SHA1
  
  ab7dd494d598d310a0430f51714fe79db839ca1a
- SHA256
  
  75a34c87a0c64e0a787c8f35de6d0ff4d8af7f982de752935b1cf0230c55a36a
- SHA512
  
  b88b1740e36ab83b6aed3c099dda8e3ace17772ee6ca72a832733e6943a96453a1d14e5413feeabe35743ab256effabba306e8296d5590e496ef40dd014dc970
- SSDEEP
  
  3145728:I3nerCRrS6xjKcBa6a2qHO5iVzgE6nGQbRe0zJcBJCkO8:2eWZSWNa6qHCidc1XcBJCw
Score

9^/10

execution
- Enumerates VirtualBox DLL files
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
behavioral1
- Target
  
  source_prepared.pyc
- Size
  
  168KB
- MD5
  
  90a8e15de70e12682bfe3708513330d7
- SHA1
  
  de7e63c721f1c6e1607950c2fcd91634fd3096e3
- SHA256
  
  35d05855e2af39f5af8f0b27b02fd93b6992553d9cb7dcfe188a8cd9afb8eb26
- SHA512
  
  1568c2a8ba476f2c798d73b97c8f9357313c69c1116a22c504d0bd63b5336b2ead487cf03a1f5e2bc718ecdba5df531a0c8b761667dc1c965c0e7434b58f48b1
- SSDEEP
  
  3072:AebH1NaOO/5ESl1RdotPZTJ0pZXScT0o+IvdXzZsTWP:nNaOO/5ESFdoCpUY0otsS
Score

3^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

File and Directory Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pyinstallerpysilon

behavioral1

behavioral2