903c5f1a1f349335849499426f18f75d7fad5b3484a4c74deac26b15248c0693 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

senex_woofer.exe
Size

634KB
Sample

230411-t62h7afc8w
MD5

911471910c3f25d2880865ec9d26f079
SHA1

e24178f42a17e3a9746a039ab69ee3530481adc2
SHA256

903c5f1a1f349335849499426f18f75d7fad5b3484a4c74deac26b15248c0693
SHA512

0883443da7df2b3ee813bd6858db41c3fd60fb3a6551bafaf3984b2af2b6dff1fcf9719add0b5cb717e7b3cd46e1e0688cca22bf46daaa72a34a9a9ca06445ad
SSDEEP

12288:IqLMS0TFtT8n77rodRfyyufQCLbvTBErz+Ry9V:IqLMS0TFtT8kdRIfpbvT2rhH

Score

6^/10

Malware Config

Targets

- Target
  
  senex_woofer.exe
- Size
  
  634KB
- MD5
  
  911471910c3f25d2880865ec9d26f079
- SHA1
  
  e24178f42a17e3a9746a039ab69ee3530481adc2
- SHA256
  
  903c5f1a1f349335849499426f18f75d7fad5b3484a4c74deac26b15248c0693
- SHA512
  
  0883443da7df2b3ee813bd6858db41c3fd60fb3a6551bafaf3984b2af2b6dff1fcf9719add0b5cb717e7b3cd46e1e0688cca22bf46daaa72a34a9a9ca06445ad
- SSDEEP
  
  12288:IqLMS0TFtT8n77rodRfyyufQCLbvTBErz+Ry9V:IqLMS0TFtT8kdRIfpbvT2rhH
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2