GitHub - NozomiNetworks/greyenergy-unpacker: Toolkit collection developed to help malware analysts dissecting and detecting the packer used by GreyEnergy samples.
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | fdb4fef3-66ca-4f8f-b350-dc7f23c9e5bb |
| Fingerprint | a41545096c7344d3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 1, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Oct. 17, 2024, 1:52 p.m. |
| Headline | NozomiNetworks/greyenergy-unpacker |
| Title | GitHub - NozomiNetworks/greyenergy-unpacker: Toolkit collection developed to help malware analysts dissecting and detecting the packer used by GreyEnergy samples. |
| Detected Hints/Tags/Attributes | 16/2/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/NozomiNetworks/greyenergy-unpacker |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 24 | build.sh |
|
| Details | File | 1 | greyenergy_unpacker.py |
|
| Details | File | 1 | suspicious.bin |
|
| Details | File | 1 | 'suspicious.bin |
|
| Details | File | 1 | _malware_unpacked.bin |
|
| Details | File | 1 | _dropper_unpacked.bin |
|
| Details | sha256 | 2 | d4e97a18be820a1a3af639c9bca21c5f85a3f49a37275b37fd012faeffcb7c4a |
|
| Details | sha256 | 2 | 7e154d5be14560b8b2c16969effdb8417559758711b05615513d1c84e56be076 |
|
| Details | sha256 | 1 | a7d3f2b6cec72a324c375e4335e42b1f1f4d9642347d38f3de7ec706fcf25147 |
|
| Details | sha256 | 2 | b60c0c04badc8c5defab653c581d57505b3455817b57ee70af74311fa0b65e22 |