ducktail | 1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0 | Triage

Sharing

General

Target

1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0
Size

131.3MB
Sample

231202-b1431shc55
MD5

e2660cb6a6bd50aa797e4207c6a180c9
SHA1

ae9dd51791ec21218386f809f45342faaa723eee
SHA256

1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0
SHA512

0cfec841f83be0f8d0be6c8731767d4640080b6d8aa303477b3210836e245b0053ae00f412357bbd8f1941ce999375f4b41df880cece05e6d7f4d9a5f21cd2ea
SSDEEP

786432:ny/QyHIQunIAHj37Enk9s9x0G/EgnTp/lo7oZ4AzGpHjUoFmnTtLwSTRpf4P1wTo:y/hSq0cTp9ioZ4AzGNFK5vy9

Score

10^/10

ducktail

Malware Config

Targets

- Target
  
  1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0
- Size
  
  131.3MB
- MD5
  
  e2660cb6a6bd50aa797e4207c6a180c9
- SHA1
  
  ae9dd51791ec21218386f809f45342faaa723eee
- SHA256
  
  1e66d672ef74c30de5850158ca37687aa28edff794e6300a9c86c1085f83b9a0
- SHA512
  
  0cfec841f83be0f8d0be6c8731767d4640080b6d8aa303477b3210836e245b0053ae00f412357bbd8f1941ce999375f4b41df880cece05e6d7f4d9a5f21cd2ea
- SSDEEP
  
  786432:ny/QyHIQunIAHj37Enk9s9x0G/EgnTp/lo7oZ4AzGpHjUoFmnTtLwSTRpf4P1wTo:y/hSq0cTp9ioZ4AzGNFK5vy9
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2