f1527aa38e7f8b31c3e6724eddecdc698cd3f5514873bc0157ef86254e2e0085 | Triage

Sharing

General

Target

Kangaroo.exe
Size

311KB
Sample

240417-a55dxaae31
MD5

2e0d1b3006c90e6483a869b638f979be
SHA1

a42766bf9f315fbc0552d96b6a41a9640bde22f5
SHA256

f1527aa38e7f8b31c3e6724eddecdc698cd3f5514873bc0157ef86254e2e0085
SHA512

b8d66e7d5e895eb0f96c582724ecd8f00ae41af57d21c48972a873c27944798a505bf33df32031130b9db40d4821b0e0f1bf9f9eec798b5621af60ab5fda1a82
SSDEEP

6144:SGnKyjWo7gB8eOCJG3FGJljXdQprzvEXaAMw0YYaZB6gkipk3mmw0OKggr5i0OK6:SGKsWR8FCw3wjXdQpv6aAMpQZtxTSgqs

Score

8^/10

Malware Config

Targets

- Target
  
  Kangaroo.exe
- Size
  
  311KB
- MD5
  
  2e0d1b3006c90e6483a869b638f979be
- SHA1
  
  a42766bf9f315fbc0552d96b6a41a9640bde22f5
- SHA256
  
  f1527aa38e7f8b31c3e6724eddecdc698cd3f5514873bc0157ef86254e2e0085
- SHA512
  
  b8d66e7d5e895eb0f96c582724ecd8f00ae41af57d21c48972a873c27944798a505bf33df32031130b9db40d4821b0e0f1bf9f9eec798b5621af60ab5fda1a82
- SSDEEP
  
  6144:SGnKyjWo7gB8eOCJG3FGJljXdQprzvEXaAMw0YYaZB6gkipk3mmw0OKggr5i0OK6:SGKsWR8FCw3wjXdQpv6aAMpQZtxTSgqs
Score

8^/10
- Downloads MZ/PE file
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1