General
-
Target
TyrantGrabberInstaller.exe
-
Size
19.1MB
-
Sample
240630-1xp75axajc
-
MD5
a96014ccd9b29b2056d4cd8de8df4fb4
-
SHA1
903f9c7e65f59536f703c1266b956651226b797f
-
SHA256
488791938a891c2a68efffa2958a1e9da2899c40bd8dde2a81614517a3e15945
-
SHA512
ae67e30bab7b26732a63c564b3b76f027aa8b0f105e687d97ed6095701b802cdfc566a1c42c373a1ace4763af365cd8f1b4e342198c5b2b35e92610f52e66b8c
-
SSDEEP
196608:iooMmDnUkMm2Wm0sKYu/PaQDq9BIEcmtS9eNkpYfMQcYNnJSFmEPh2Qz2znPO1kY:Vo9DF23QD9etSmhMQZJ+h2zGfdGHs
Behavioral task
behavioral1
Sample
TyrantGrabberInstaller.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
TyrantGrabberInstaller.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
TyrantGrabberInstaller.pyc
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
TyrantGrabberInstaller.pyc
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
TyrantGrabberInstaller.exe
-
Size
19.1MB
-
MD5
a96014ccd9b29b2056d4cd8de8df4fb4
-
SHA1
903f9c7e65f59536f703c1266b956651226b797f
-
SHA256
488791938a891c2a68efffa2958a1e9da2899c40bd8dde2a81614517a3e15945
-
SHA512
ae67e30bab7b26732a63c564b3b76f027aa8b0f105e687d97ed6095701b802cdfc566a1c42c373a1ace4763af365cd8f1b4e342198c5b2b35e92610f52e66b8c
-
SSDEEP
196608:iooMmDnUkMm2Wm0sKYu/PaQDq9BIEcmtS9eNkpYfMQcYNnJSFmEPh2Qz2znPO1kY:Vo9DF23QD9etSmhMQZJ+h2zGfdGHs
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
-
-
Target
TyrantGrabberInstaller.pyc
-
Size
74KB
-
MD5
515bfcc258935bf398c60fdbffbb903c
-
SHA1
c155700f640e50cba218fedd9d2b20846099453e
-
SHA256
74327fcc2d900b611c739c4f33846e17fea25135eeec5a16c189f9cda0c1f559
-
SHA512
1f0a3f05e9126c1642ba95408ffc72a0d9cc6fe2e66ed8f01c0871e9f49c8a99cc1c30c5e7128d12325ce4e4734b5ceedf9d6194f0ebf0e34d68be3f47c69b5c
-
SSDEEP
1536:CKjZq1Wa/hYx/Ys/A/ki5wD66lbcaMrW5N0Y:CAZkWa/WdCsi5ku6D
Score3/10 -