Resubmissions

18-04-2024 08:49

240418-krfthagd74 10

18-04-2024 08:48

240418-kqsrnsgd65 10

18-04-2024 08:48

240418-kqr55shg3z 10

18-04-2024 08:48

240418-kqmwesgd62 10

18-04-2024 08:48

240418-kqmknahg3w 10

General

  • Target

    SecuriteInfo.com.BackDoor.Rat.281.18292.12946

  • Size

    1.4MB

  • Sample

    240414-rxnjvscb5x

  • MD5

    793707365df26450bc8642f518a540f0

  • SHA1

    66649127ad784288c393992971a197c10f86a8eb

  • SHA256

    7131d78da58eb6b54db8466e0c09d7173da6f05c5615841a73dc6a032648a217

  • SHA512

    550374f2b3963e99bbfa445236e2921d288e67e00b4425a3bfedba0b72bd2fe6027af484c8f7e143471e16738dd9f129c91e467e157e29a911f1ad44d2775695

  • SSDEEP

    24576:8Ec46GnhPe4h/N5m8loOoYJ/HRz1IgRizQJYiEH0YSXHZTNbf86:8EBQ2xrVEcXfbf86

Score
10/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.BackDoor.Rat.281.18292.12946

    • Size

      1.4MB

    • MD5

      793707365df26450bc8642f518a540f0

    • SHA1

      66649127ad784288c393992971a197c10f86a8eb

    • SHA256

      7131d78da58eb6b54db8466e0c09d7173da6f05c5615841a73dc6a032648a217

    • SHA512

      550374f2b3963e99bbfa445236e2921d288e67e00b4425a3bfedba0b72bd2fe6027af484c8f7e143471e16738dd9f129c91e467e157e29a911f1ad44d2775695

    • SSDEEP

      24576:8Ec46GnhPe4h/N5m8loOoYJ/HRz1IgRizQJYiEH0YSXHZTNbf86:8EBQ2xrVEcXfbf86

    Score
    10/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks