ducktail | 224e86b3eb5000e7fc4c516f4c8e0cd0ce42e2c49a230c8be2e276508d1ab260 | Triage

Sharing

General

Target

224e86b3eb5000e7fc4c516f4c8e0cd0ce42e2c49a230c8be2e276508d1ab260
Size

132.9MB
Sample

231208-ca3myagf39
MD5

b0bb47753db0d37ba945a53f22a886b0
SHA1

0b5e8ad1a6f834ef166d710256647f7faeeb6e12
SHA256

224e86b3eb5000e7fc4c516f4c8e0cd0ce42e2c49a230c8be2e276508d1ab260
SHA512

6ae510c9b7a086d05b1128b571b8a0ef1a1c0ba106e833b0e30f8df17d5f0038f8dbac29f95a998ee4af52b597c3ac990c8d9e9a5f6e05f954f0dd3a7a88c586
SSDEEP

786432:VWXgF0+WzNQXBVBEEIVeHDWIBV0aMoSctbw17p2NsBHae7XRYBix72TtLwSTRpfW:VWa0+vKeh0ew19S8ae7XRuiRAhK

Score

10^/10

ducktail

Malware Config

Targets

- Target
  
  224e86b3eb5000e7fc4c516f4c8e0cd0ce42e2c49a230c8be2e276508d1ab260
- Size
  
  132.9MB
- MD5
  
  b0bb47753db0d37ba945a53f22a886b0
- SHA1
  
  0b5e8ad1a6f834ef166d710256647f7faeeb6e12
- SHA256
  
  224e86b3eb5000e7fc4c516f4c8e0cd0ce42e2c49a230c8be2e276508d1ab260
- SHA512
  
  6ae510c9b7a086d05b1128b571b8a0ef1a1c0ba106e833b0e30f8df17d5f0038f8dbac29f95a998ee4af52b597c3ac990c8d9e9a5f6e05f954f0dd3a7a88c586
- SSDEEP
  
  786432:VWXgF0+WzNQXBVBEEIVeHDWIBV0aMoSctbw17p2NsBHae7XRYBix72TtLwSTRpfW:VWa0+vKeh0ew19S8ae7XRuiRAhK
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2