General
Target: zYTxXPy.exe
Size: 103.1MB
Sample: 250630-xzle6ser2t
MD5: eddaf4da89e6006ccd7e7232771c2ce5
SHA1: 697cd14705ed98e45a8b4126039f9e0f671b334d
SHA256: c6f4f1625fb3471f730689c3c0dbf1402934cd6758d31b9c967ace7f39f9efc3
SHA512: 3d4a8c4b5a30c7d31a8ce1ddba993aa60eca4c4681ef1e54a50f375575e566f1f385a7aca07cad2a900ea300025864d6a1489e3dff883329eab35a68e60d9591
SSDEEP: 3145728:iVgYRPSC++6y9AiVd1AY5bADDxgds8pOeqZCp:gxaC4y9AiV75bAHCB4bZC
Behavioral task: behavioral1
Sample: zYTxXPy.exe
Resource: win10v2004-20250619-en

Behavioral task: behavioral2
Sample: MTD-TEXTUREPACKS.js
Resource: win10v2004-20250619-en
Malware Config

Targets

Target: zYTxXPy.exe
Size: 103.1MB
MD5: eddaf4da89e6006ccd7e7232771c2ce5
SHA1: 697cd14705ed98e45a8b4126039f9e0f671b334d
SHA256: c6f4f1625fb3471f730689c3c0dbf1402934cd6758d31b9c967ace7f39f9efc3
SHA512: 3d4a8c4b5a30c7d31a8ce1ddba993aa60eca4c4681ef1e54a50f375575e566f1f385a7aca07cad2a900ea300025864d6a1489e3dff883329eab35a68e60d9591
SSDEEP: 3145728:iVgYRPSC++6y9AiVd1AY5bADDxgds8pOeqZCp:gxaC4y9AiV75bAHCB4bZC
- Disables Task Manager via registry modification
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: uses a legitimate IP lookup service to find the infected system's external IP.

Target: MTD-TEXTUREPACKS.pyc
Size: 155KB
MD5: 9584bc09b537db8a5eca3681fb563055
SHA1: 96cfc20cb38c1a2baa5fc3f8c31df835c8f9b292
SHA256: 5dffa0d06610d9e1373af52b9a2d994150802e702652dddf6db9fa7c14997990
SHA512: f94bd88092e0f25a4cd8ff207ddee5a2e38996393defa43d593ec319a65ea44e86c4b0a448681d014ef472f078eb9d6aa551346bc4949a2d7bebdcf993d7e511
SSDEEP: 3072:tI/rDzqbJq+lVVxnY/ArM6GvpvOdt24Pnf4tCN8om97:8oJq+lVVx4ArM7vpI3fwtCNnc7
Score: 3/10
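The report lists the sandbox signatures for zYTxXPy.exe ("Disables Task Manager via registry modification", "Loads dropped DLL") without showing how to recognise the same behaviour in your own telemetry. The following is an added example, not part of the report and not code from the sample: two detection checks run over a constructed, Sysmon-style event stream. The event shape, file paths, PIDs and SID are assumptions made for illustration; the registry location of the Task Manager policy (Software\Microsoft\Windows\CurrentVersion\Policies\System, value DisableTaskMgr) is the standard one.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed events in a simplified Sysmon-like shape (assumption: real Sysmon
# records carry these fields inside EventData XML; field names mirror Sysmon's
# TargetObject/Details/ImageLoaded/TargetFilename but nothing here was parsed
# from real telemetry).  Event IDs: 11 = FileCreate, 7 = ImageLoad,
# 13 = RegistryEvent (value set).
SAMPLE_EVENTS: List[Dict] = [
    {"id": 11, "pid": 4120, "image": r"C:\Users\victim\Downloads\zYTxXPy.exe",
     "target_filename": r"C:\Users\victim\AppData\Local\Temp\dropped.dll"},
    {"id": 7, "pid": 4120, "image": r"C:\Users\victim\Downloads\zYTxXPy.exe",
     "image_loaded": r"C:\Users\victim\AppData\Local\Temp\DROPPED.DLL"},
    {"id": 13, "pid": 4120, "image": r"C:\Users\victim\Downloads\zYTxXPy.exe",
     "event_type": "SetValue",
     "target_object": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",
     "details": "DWORD (0x00000001)"},
    # Benign noise: a system DLL load and an unrelated per-user registry write.
    {"id": 7, "pid": 4120, "image": r"C:\Users\victim\Downloads\zYTxXPy.exe",
     "image_loaded": r"C:\Windows\System32\kernel32.dll"},
    {"id": 13, "pid": 900, "image": r"C:\Windows\explorer.exe",
     "event_type": "SetValue",
     "target_object": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "details": "DWORD (0x00000001)"},
]

# Matched as a suffix so that HKCU, HKU\<SID> and HKLM policy paths all hit.
DISABLE_TASKMGR_SUFFIX = r"\software\microsoft\windows\currentversion\policies\system\disabletaskmgr"
_DWORD_RE = re.compile(r"DWORD \(0x([0-9A-Fa-f]{1,8})\)")


def registry_dword(details: str) -> Optional[int]:
    """Parse Sysmon's 'DWORD (0x00000001)' rendering into an int (None if not a DWORD)."""
    m = _DWORD_RE.search(details)
    return int(m.group(1), 16) if m else None


def _norm(path: str) -> str:
    """Case-insensitive, backslash-only comparison key for registry and file paths."""
    return path.replace("/", "\\").lower()


def taskmgr_disabled(events: List[Dict]) -> List[Dict]:
    """Registry SetValue events that turn the DisableTaskMgr policy on (non-zero)."""
    hits = []
    for e in events:
        if e.get("id") != 13 or e.get("event_type") != "SetValue":
            continue
        if not _norm(e["target_object"]).endswith(DISABLE_TASKMGR_SUFFIX):
            continue
        value = registry_dword(e.get("details", ""))
        if value:  # 0 re-enables Task Manager, so only non-zero is a finding
            hits.append(e)
    return hits


def dropped_dll_loads(events: List[Dict]) -> List[Tuple[int, str]]:
    """(pid, path) for every DLL load whose path was written by an earlier FileCreate."""
    written: Dict[str, int] = {}
    hits = []
    for e in events:  # events are assumed to be in chronological order
        if e.get("id") == 11:
            written[_norm(e["target_filename"])] = e["pid"]
        elif e.get("id") == 7:
            p = _norm(e["image_loaded"])
            if p.endswith(".dll") and p in written:
                hits.append((e["pid"], e["image_loaded"]))
    return hits


if __name__ == "__main__":
    for e in taskmgr_disabled(SAMPLE_EVENTS):
        print(f"[!] pid {e['pid']} ({e['image']}) set DisableTaskMgr to non-zero")
    for pid, path in dropped_dll_loads(SAMPLE_EVENTS):
        print(f"[!] pid {pid} loaded a DLL it had just written: {path}")
```

On a live host the same policy value can be read with `Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System' -Name DisableTaskMgr`; setting it back to 0 or removing the value restores Task Manager for that user. The dropped-DLL check keys only on path, so a DLL written by one process and loaded by another is still reported; narrow it to the same PID if that produces too much noise in an environment with legitimate installers.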