ca20b7876b3490e497f4448bc03166ddaa41ebae02aac80ab49ae315eed59229 | Triage

Sharing

General

Target

MagicDorks.exe
Size

12.1MB
Sample

240525-zc5lmsaa39
MD5

187231a7a67931fc68dd44fc0d8f94d8
SHA1

1f36fe53beaf8777c5f600ebaf4d41b77b06902f
SHA256

ca20b7876b3490e497f4448bc03166ddaa41ebae02aac80ab49ae315eed59229
SHA512

16486abcef0c5d4e302a67c8344f4f822dfbba08d94cf87e9a655edcd3f80a4d9ca12adbb6c83045f91657e77620fe1f3b786620fa74e687a5c0ed81781a1d78
SSDEEP

393216:Ckp1KhW9c5hlERV5RFJzFcguYtN3ZW7FNBQxLd:C81XEhkVhZtN3+FNBu

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  MagicDorks.exe
- Size
  
  12.1MB
- MD5
  
  187231a7a67931fc68dd44fc0d8f94d8
- SHA1
  
  1f36fe53beaf8777c5f600ebaf4d41b77b06902f
- SHA256
  
  ca20b7876b3490e497f4448bc03166ddaa41ebae02aac80ab49ae315eed59229
- SHA512
  
  16486abcef0c5d4e302a67c8344f4f822dfbba08d94cf87e9a655edcd3f80a4d9ca12adbb6c83045f91657e77620fe1f3b786620fa74e687a5c0ed81781a1d78
- SSDEEP
  
  393216:Ckp1KhW9c5hlERV5RFJzFcguYtN3ZW7FNBQxLd:C81XEhkVhZtN3+FNBu
Score

7^/10
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  MagicDorks.pyc
- Size
  
  63KB
- MD5
  
  2764690dff53a43f7fd70a2c250f9b55
- SHA1
  
  aaee9fce89d4c7cf21bed5e56459493ae3eec5f7
- SHA256
  
  efb20312e92b57ad1e21944de959b2b58b553ed0b8ac27bd3b939a2c12fc0dbb
- SHA512
  
  791c8685de505c245dc803a9649cb39a6d622c6636a7f865287254badb17d1edf7fe4f95f954fc43e9460a2250432e45bea9c55efc6453e90482f6467ef15fcf
- SSDEEP
  
  1536:4s3l+lWhkcBk23BTKCK4V53dfZWR/ydFtVd91NHLJeH0pDa:kchrQCK4VRHLMHoG
Score

3^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4