General

  • Target

    hell's generator (1).exe

  • Size

    17.8MB

  • Sample

    250119-1lv91axqfj

  • MD5

    fd6b2eb34707a78c796fe7077b6940db

  • SHA1

    a186670a07f032b2c8e8989c7c9cf8f856f27cac

  • SHA256

    560c9fb5d1c9753ec2b52e50e9a9b4fbc468793cfab5e313ba6521af4132c20c

  • SHA512

    452a0394a5f6ecba7ead49994aa93bdb447dc8109600cec455910602f77d0b8f60d8cdd41beb517179b0f88e00c902a999a28760cdb70f3c1ba593fd9317b37e

  • SSDEEP

    393216:4qPnLFCKI8QGQ8DOETgsvfGwxSzB9JFwOYDJ:pPLFCKI+QhEwB

Malware Config

Targets

    • Target

      hell's generator (1).exe

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks