96715e2703f139b4439b8321dcd1f5e28ac8370a9999b7ca9fe2c25a5927e210 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Kangaroo.exe
Size

311KB
Sample

230712-q8dy5aee3z
MD5

dd75215aaa73ee8db3075dbcff4b5840
SHA1

039ac9af2d590d787de45d9a650a1a08a304f847
SHA256

96715e2703f139b4439b8321dcd1f5e28ac8370a9999b7ca9fe2c25a5927e210
SHA512

eba9267297a457b440f988cd8123733e70aca7675cc22812bf69cdf6335f5ef72ccab9653086e6c1cd71936bae26e970133ba2eca260900b3bc8d75150ad479a
SSDEEP

6144:SoWnKyjWo7gB8eOCJG3FGJljXdQprzvEXaAMw0YYaZB6gkipk3mmw0OKgg80OKgp:SoWKsWR8FCw3wjXdQpv6aAMpQZtxTSg/

Score

8^/10

Malware Config

Targets

- Target
  
  Kangaroo.exe
- Size
  
  311KB
- MD5
  
  dd75215aaa73ee8db3075dbcff4b5840
- SHA1
  
  039ac9af2d590d787de45d9a650a1a08a304f847
- SHA256
  
  96715e2703f139b4439b8321dcd1f5e28ac8370a9999b7ca9fe2c25a5927e210
- SHA512
  
  eba9267297a457b440f988cd8123733e70aca7675cc22812bf69cdf6335f5ef72ccab9653086e6c1cd71936bae26e970133ba2eca260900b3bc8d75150ad479a
- SSDEEP
  
  6144:SoWnKyjWo7gB8eOCJG3FGJljXdQprzvEXaAMw0YYaZB6gkipk3mmw0OKgg80OKgp:SoWKsWR8FCw3wjXdQpv6aAMpQZtxTSg/
Score

8^/10
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2