Resubmissions

07/03/2025, 17:01

250307-vjx3xstvbs 9

08/02/2025, 10:34

250208-mmdvfs1mej 9

08/02/2025, 10:30

250208-mjtrha1lcn 9

07/02/2025, 12:21

250207-pjh14s1phq 9

General

  • Target

    sample.exe

  • Size

    28.4MB

  • Sample

    250208-mmdvfs1mej

  • MD5

    d8889f10a8a0dda44817a2bfbd0ca237

  • SHA1

    8b7672496f45432a48b8d307e08855ca9e40da7b

  • SHA256

    1c716742fa1712562e2d6275a68a8d2e73bd910bff417072259bb164f2628863

  • SHA512

    8fefa5f583768d67bc253df70057735bc8d11ad83c2cd4ec2fc5adcc25f58f18a44d4a000a7ea714325c4823cd5cf0b3801ed6a120c4b191930d311d7a06dee9

  • SSDEEP

    786432:d9YiluW8jfQMIywq3ObRqs0kyVmdIhPA5VGhlbVxuOOd9A+Wpji4x:d9PuWMQry3CRAkyVQIhPyQhhum+kjX

Targets

    • Renames multiple (2168) files with added filename extension

      Mass renaming of files with a new extension is consistent with ransomware encrypting files across the system.

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and other sensitive information.
