ducktail | d103d06dabbf9e74d9b89d4d2b3436b150078bcbabbb715a7765b3b0c3fa8a62 | Triage

Sharing

General

Target

d103d06dabbf9e74d9b89d4d2b3436b150078bcbabbb715a7765b3b0c3fa8a62
Size

133.0MB
Sample

231212-clvrgaeeb5
MD5

c55a3710081b47532c1147641adab940
SHA1

683bf3ee8444d6b1fbe27e0c4ad7c8e88cbc26b8
SHA256

d103d06dabbf9e74d9b89d4d2b3436b150078bcbabbb715a7765b3b0c3fa8a62
SHA512

aba249f32104b842f282da2aee497edb94c7c058171edb4750587d6d870f560a94b51f9423ba840d4b6b5afa242b3ef445783b7e2f97b36b22de876f3073935c
SSDEEP

786432:VWXgF/LWzNQXBVBEEIVeHDWIBV0aMoSctbw17p2NsBHae7XRYBix72TtLwSTRpfF:VWa/LvKeh0ew19S8ae7XRuiRAhB

Score

10^/10

ducktail

Malware Config

Targets

- Target
  
  d103d06dabbf9e74d9b89d4d2b3436b150078bcbabbb715a7765b3b0c3fa8a62
- Size
  
  133.0MB
- MD5
  
  c55a3710081b47532c1147641adab940
- SHA1
  
  683bf3ee8444d6b1fbe27e0c4ad7c8e88cbc26b8
- SHA256
  
  d103d06dabbf9e74d9b89d4d2b3436b150078bcbabbb715a7765b3b0c3fa8a62
- SHA512
  
  aba249f32104b842f282da2aee497edb94c7c058171edb4750587d6d870f560a94b51f9423ba840d4b6b5afa242b3ef445783b7e2f97b36b22de876f3073935c
- SSDEEP
  
  786432:VWXgF/LWzNQXBVBEEIVeHDWIBV0aMoSctbw17p2NsBHae7XRYBix72TtLwSTRpfF:VWa/LvKeh0ew19S8ae7XRuiRAhB
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2