Overview

overview

8

Static

static

3

11112023_0...ks.exe

windows7-x64

8

11112023_0...ks.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11112023_0031_Hassocks.bin

  • Size

    1.5MB

  • Sample

    231110-t1eggabh97

  • MD5

    09c1b6e7a2d0ed3bc1c8e47b216d2222

  • SHA1

    9ad7a4fdf7ee9e0d339e1552c574bfb918698ad0

  • SHA256

    4b0b7266df5153ac5dc8f2bfe9113361f7fdf9b49ec52a50a743466d5462ad71

  • SHA512

    b6dddd8ded906eb9312b1f93c42be00cc6e042c0cbf743e439c97cc943a616559b28cf87e996593f2db8f095fbc716b0892ca961eb33391cb4783f824512ca02

  • SSDEEP

    24576:XoXy772/W1GYDf82+towUrtJOrteIicQs0h4JoXf4SJTjhijLc:4i7S/WRDfbPwMtJO8lsJoJ9ivc

Score
8/10
dave

Malware Config

Targets

    • Target

      11112023_0031_Hassocks.bin

    • Size

      1.5MB

    • MD5

      09c1b6e7a2d0ed3bc1c8e47b216d2222

    • SHA1

      9ad7a4fdf7ee9e0d339e1552c574bfb918698ad0

    • SHA256

      4b0b7266df5153ac5dc8f2bfe9113361f7fdf9b49ec52a50a743466d5462ad71

    • SHA512

      b6dddd8ded906eb9312b1f93c42be00cc6e042c0cbf743e439c97cc943a616559b28cf87e996593f2db8f095fbc716b0892ca961eb33391cb4783f824512ca02

    • SSDEEP

      24576:XoXy772/W1GYDf82+towUrtJOrteIicQs0h4JoXf4SJTjhijLc:4i7S/WRDfbPwMtJO8lsJoJ9ivc

    Score
    8/10
    dave

    • Dave packer

      Detects executable using a packer named 'Dave' by the community, based on a string at the end.

      dave

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks