General

  • Target

    rocl.exe

  • Size

    29.6MB

  • Sample

    240516-wc4gssgd74

  • MD5

    e91eff26e60b2ab5fa30410956999a6e

  • SHA1

    49158b70a3c790cec83bf4a99392c24636caacc1

  • SHA256

    6a3e261d1bd64683d2d1fa566409f26355c69163a47d584619ca5a1b052fa3c6

  • SHA512

    bc32b42362d811fe52322439c12d266b4bfbe2273d14d633a2465c7680ceafd67816273715f0d08fbc47a8eceea50c06cea7928d0d8c962e55da7ddcba447e83

  • SSDEEP

    786432:cPJU/pO1QtIbSN2j6+s7LWB75zu1PJyE6a8DZcIliKqTA:cPOpaiI2N2qHWB75i1Prb677

Targets

    • Target

      rocl.exe

    • Size

      29.6MB

    • MD5

      e91eff26e60b2ab5fa30410956999a6e

    • SHA1

      49158b70a3c790cec83bf4a99392c24636caacc1

    • SHA256

      6a3e261d1bd64683d2d1fa566409f26355c69163a47d584619ca5a1b052fa3c6

    • SHA512

      bc32b42362d811fe52322439c12d266b4bfbe2273d14d633a2465c7680ceafd67816273715f0d08fbc47a8eceea50c06cea7928d0d8c962e55da7ddcba447e83

    • SSDEEP

      786432:cPJU/pO1QtIbSN2j6+s7LWB75zu1PJyE6a8DZcIliKqTA:cPOpaiI2N2qHWB75i1Prb677

    Score
    7/10
    • Loads dropped DLL

    • Target

      WindKittyRat.pyc

    • Size

      84KB

    • MD5

      c00a0f29808942176d572c4ec8f769e1

    • SHA1

      2da1d372eb541c53678715c2dbaee73069e59436

    • SHA256

      06d3c221b96be3009b92c0e98a83b20c698d0ac9b57e6a5cf5dbf1ee32902d8c

    • SHA512

      187a38c5fc91134fd9f4120838dc7993e11809e0913a6183670e84e9fdcf8ea9ebdaae400d10e510c90a73e2f3e68b5f87660e729e9903d8610d385877b84ccf

    • SSDEEP

      768:/3q6v58y0TKIhh0h3keK5/mpSKlmQLFExhtQxpNztn24nvc85fk8mmnOiWNI00bX:2y0F6Z8LKAJszE586Ab6lS6xja2S

    Score
    3/10
