89017a73a5281e755d15cb33303bbf8454654941db813fa634d733df98363899

Sharing

Copy URL

Twitter E-mail

General

Target

Fox-Rat.rar
Size

277.1MB
Sample

240603-kpl8hahd7x
MD5

0680519942afd0d9d4ee588b565066df
SHA1

747a53a2554b68a7ead175cbf681d54c8405d7c3
SHA256

89017a73a5281e755d15cb33303bbf8454654941db813fa634d733df98363899
SHA512

b2c480ad2c7ec83e361d54addfadc3e6f285564980787d08c48174738dbd54825f3cb672bc63b0377f1efff09686f85bc3023a4ed1042dc5733bb03562172628
SSDEEP

6291456:bllrjz8A2DgnnOwPr59i0CMU0RmbCMd8SkV:bvjz8paDijtz8N

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  Fox-Rat/DrakeUI.Framework.dll
- Size
  
  1.6MB
- MD5
  
  0562b4c97f643306df491a938ae636da
- SHA1
  
  0807c37b711374ed4814a9518c9e264517de89a0
- SHA256
  
  70e72477f7fe0018e043ce8fe2228a289459058ee41caecd6f05855898bc5b80
- SHA512
  
  c969cd274b6bf65a34f1d129b6531616a3485a1f153088609ad2369d380fdec37c3e88a423495912715a26e353dd5498f7f9e73c895e9f3f18fc7d1e65d2ecaf
- SSDEEP
  
  24576:nYyUyUxws47SDJ+wfa3ZsacYwzhmT5LOMobxqFFnM9Pv1w+Fus:nYyUyUueD001YwzhmVSMoNqFF
Score

1^/10
behavioral1 behavioral2
- Target
  
  Fox-Rat/Fox Rat.exe
- Size
  
  176.9MB
- MD5
  
  19e89f642b16296e64317abb545c76dd
- SHA1
  
  4eb91f8acbdb48b722d35761ded40075eef652ee
- SHA256
  
  1c67a3f1e5dae9a2490159fb00b8598ea81399e85e44902d54a647aad32dcbbc
- SHA512
  
  84f3a7dce44ef1973aa0e37e1bb1b409b514cb63c008a382aca7477fec4dc6f3f435d458fed68b662fa5f4f9bbad280589eeda01406b6ef9ab120ddff0f3cf66
- SSDEEP
  
  3145728:fdVQCsVAM5HmkdJQCsVAM5HmIUdbEEQCsVAM5HmKdXQCsVAM5Hm:lVnsVAMrJnsVAMsnnsVAMlXnsVAM
Score

1^/10
behavioral3 behavioral4
- Target
  
  Fox-Rat/HVMRun64.dll
- Size
  
  4.3MB
- MD5
  
  21184c4444b13c67546c7acf7f6ad8e3
- SHA1
  
  806fb111900a0ec8bee1f658c6828b9e005f1111
- SHA256
  
  14f61c269509eb27083883d5e8edcf9ed14f3b62cfbfb69f4f7434d64a7fa924
- SHA512
  
  9c55f71051f7c83d8644c7eaf500a5ea887aa75886480fcb607e3540f482afde0cc11396e3c2be936bd6418ce76a752132391c97b2620927a9a694eee99380eb
- SSDEEP
  
  98304:1JArZsVn2qEP6Z5AF8qRHNKs9KtEXMURNZpe5:o0tkY5sHh9FMURN
Score

1^/10
behavioral5 behavioral6
- Target
  
  Fox-Rat/HVMRuntm.dll
- Size
  
  2.2MB
- MD5
  
  559f1a94d4fadbe42745200c5deeb94c
- SHA1
  
  606e336a95c22d0a5bd260af68a3321a284a7270
- SHA256
  
  52cf690f3436c9e98a2ab13e2871ca95da72c34ea5dd36d5c52ecccfa78b5696
- SHA512
  
  49b85d97f32322cac68c811c7f0268b6d0a71f2dc4428281d724aab0355544da4b33aebffe72e5b92d0b024e40c29392bade4eec2f00c98a46a44eb3e1e547fa
- SSDEEP
  
  49152:eX8t9RJHZ9rXOjClE3xNP8AHn9yHyS4LdR1eFcDmoFwHqM9iJ4YI:eMttZVOG237PwSS4BfZDmCwKMs1
Score

1^/10
behavioral7 behavioral8
- Target
  
  Fox-Rat/MetroSet UI.dll
- Size
  
  444KB
- MD5
  
  d99a97de55b2561e57135433b44bb786
- SHA1
  
  ab588b8d36683b52adcb32c03a9859b884838f29
- SHA256
  
  6288e559b0f34d56ab4601ffb2ba2289001c77cf7351d135dd93915034c56bba
- SHA512
  
  7ef95cb161265fcf110ba843fe3af5e6cf6d47465e17a10c742256bebd91c128df2cfa7d21696d716bfa861c952d6fad445912f8cca9da9cb03d780211b0545c
- SSDEEP
  
  6144:PTJ1DwrSfCmrB0O1SIai39IkRetlJT4ihPrsAgbP2UiuE2Bnw7M:rJSpmaxIephPrYDK
Score

1^/10
behavioral10 behavioral9
- Target
  
  Fox-Rat/NAudio.dll
- Size
  
  498KB
- MD5
  
  6ca17abccae3050f391401b2955f9333
- SHA1
  
  0975b039a793accb58130d6639262cd291d80d5d
- SHA256
  
  3ad5d09b4c8c3146d15955a564a9f1a57d7c795b189a25c6f722a738d95ef89c
- SHA512
  
  c08f366aae9baf0e7762f47a2f79d0dee5187a1d7631e5838590b7c12911bdeb6247e0ff860ade36e04f1d6717f919ad98df6d3a1a556bff4b8994db9616ccec
- SSDEEP
  
  12288:MnXnae2TPlr3zvzar5oRDaw92wP6mai9gs6C:K8lrT+r5ADakP4i9gs
Score

1^/10
behavioral11 behavioral12
- Target
  
  Fox-Rat/Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral13 behavioral14
- Target
  
  Fox-Rat/WinMM.Net.dll
- Size
  
  43KB
- MD5
  
  d4b80052c7b4093e10ce1f40ce74f707
- SHA1
  
  2494a38f1c0d3a0aa9b31cf0650337cacc655697
- SHA256
  
  59e2ac1b79840274bdfcef412a10058654e42f4285d732d1487e65e60ffbfb46
- SHA512
  
  3813b81f741ae3adb07ae370e817597ed2803680841ccc7549babb727910c7bff4f8450670d0ca19a0d09e06f133a1aaefecf5b5620e1b0bdb6bcd409982c450
- SSDEEP
  
  768:LyasDzF2TDSemqD9tGI+ffwj2Au0LVpqmf7KxcOOrYCPTxqPb85:LyaXKemqD9tGI+ffwj2Au0LVpq4KWrlv
Score

1^/10
behavioral15 behavioral16
- Target
  
  platformBinary32/bin/JAWTAccessBridge-32.dll
- Size
  
  15KB
- MD5
  
  ccd58c430a0049dc247d47abe2b07154
- SHA1
  
  8b0ed098ad4e52244e18582fc0fa20fdb3cf9041
- SHA256
  
  2e2019435694b89a7ef49ab75cf291278417bff384b814da1e451285cb8d64c1
- SHA512
  
  6401a133638b399eea66005af81e5eee0acb384927b79c4c241d2c97a731a384ec567649a3a2b0a5163a3c9ddf1a2ee3402660a0c4f87b9ce4a2d172e9f133e9
- SSDEEP
  
  192:TcdMm5Y8m3XLPVT65smse6ziuK7DWpHTyFonI7CY0ouasnZHSF:iMOa7PVHm4ziukDGyonxLPnhy
Score

1^/10
behavioral17 behavioral18
- Target
  
  platformBinary32/bin/JAWTAccessBridge.dll
- Size
  
  15KB
- MD5
  
  18a83919deb33b572e42b08000e362a1
- SHA1
  
  24cf5bdc5d6d50d5fed3f0cd7bfc401387c0ea00
- SHA256
  
  4227bc0f4ca568c8bb84cb01705ecad235826297a4b942cd56f2f2a3cfd882c1
- SHA512
  
  b126e3a03739b84ea45ec51f259906d8e2d0b6bbf351382739aa2f65a7a168028e4cd1e1335c4e7ab8ef09a65f20a89722ec695e0fef9e5c69db17d3084b0027
- SSDEEP
  
  192:VqcdMr5Y53XLPVT6ts6a5e1HVuurDWpHTyFonI7CY1duasnZHmR:VJMNW7PVp6THVuMDGyonNPnhw
Score

1^/10
behavioral19 behavioral20
- Target
  
  platformBinary32/bin/JavaAccessBridge-32.dll
- Size
  
  126KB
- MD5
  
  d382150d3dbfe4752fbe2ee23f10f1c9
- SHA1
  
  d482e342b8f20d6b5c249ecfa0dd6ab95514f32d
- SHA256
  
  10380aabe130ebb62ecf3d09620e8e15fd2335a1ea2faf74c41d057d9e06eee4
- SHA512
  
  72099a0599fd15f4ede5d295cc2e478fa6cd9a7a820f801fd55e634ce03a0cb002471d77329b0d74a72ab964ec8475342f29aeb3b709f0d08d58503dc9fdea2b
- SSDEEP
  
  3072:kvAznTOzUca38u4nSK/e2Hrgc6kZAn1yEkBKMKy1Zf22QYHJiuzTl8ShzzM+64mf:kvcwUca35BZnQvw
Score

1^/10
behavioral21 behavioral22
- Target
  
  platformBinary32/bin/JavaAccessBridge.dll
- Size
  
  125KB
- MD5
  
  8fb0d7aa10d26f3e64dd97e1e0373356
- SHA1
  
  9e985ba111d6ce33e582ccf00bb618437402ce16
- SHA256
  
  d8f4728c6a835509cd5a26bdcd248b4176127c5b62f914da9e8a060b354cca73
- SHA512
  
  d44de642eb3db09fb521d9445ac873cbfd97c8560754fd0832454bdf031d29571716579914d1ad2ae6a218a5bd4f1dd9a38736ac392d7144ff41c5bb88556103
- SSDEEP
  
  3072:IpVJG+7UHP/g791fU+MExgK/e2Hrgc6kZAn1y1koKMKy1Zf22QYHJiuzTl8Shzzk:IHU2Uv/W99U7xZnwsr
Score

1^/10
behavioral23 behavioral24
- Target
  
  platformBinary32/bin/WindowsAccessBridge-32.dll
- Size
  
  97KB
- MD5
  
  a344973ef854091e2f66168f95818140
- SHA1
  
  9402e4e5b17c11459cb19631ae25b2026ef22829
- SHA256
  
  bc18778df9b32a4dedd8c9a98908be58989a256d1b241aa0a1dec08113a7750e
- SHA512
  
  80482e45bf70d34664dc9d6ac1ebf1feb41fff08614df69cd0d200d2c489a31504f017c371542f4678f4ffa4d8a2db91cd12a3656ebe4d92ab6da37cbf268786
- SSDEEP
  
  1536:BRQLZsRXloJQrrUQ+1oIiYlM/qNX8cCkxTVPXIecTaN80nstj:B31loJQrIQ+EYlMiucbpIecudsd
Score

3^/10
behavioral25 behavioral26
- Target
  
  platformBinary32/bin/WindowsAccessBridge.dll
- Size
  
  95KB
- MD5
  
  3de11b70769b2029c69bb72e054976e2
- SHA1
  
  c7f60a0c9e22189b496cee19a038521c257a4d9a
- SHA256
  
  eceadccbe120bbe6fd265fe6b19be43148ab0eda663dd866fd8db764a4cadd22
- SHA512
  
  e0d4f3188e6c360676c781f13637f7bf7629cad690846a59210152d5c0d4b4bf4aec87a69befb771dc2f5eee92d1aefd19d3bebea7cb9020e29f1574853d2a17
- SSDEEP
  
  1536:P1LbpRSr0L5fk61kcB2iY39wqwXIA2kUnXbIXp8Whyj8Fk3W:/R9lk61kwY39zTA2bIXlwQFkm
Score

3^/10
behavioral27 behavioral28
- Target
  
  platformBinary32/bin/apktool.bat
- Size
  
  135B
- MD5
  
  b02966b106045115fa8ef94a4e67537b
- SHA1
  
  f901df8bbfe8fe50e560e625a27da1c6c4f0e9b3
- SHA256
  
  3d8108beb40535e68e7f6421a4309408ea5efab91707fa25d862154e3cc9b6df
- SHA512
  
  6274a4568285c74985b095d1dd5649044b61cb7c372dc4653c62a2b92833df477f5a5453be0e598622918b4e6c27064a57e5fba1a657dd064e6d9598fe2f94cc
Score

1^/10
behavioral29 behavioral30
- Target
  
  platformBinary32/bin/apktool.jar
- Size
  
  19.0MB
- MD5
  
  4161cdad59718f81740d0727c9683819
- SHA1
  
  f008c1dad484ddbe682f0e003a046559e753bad2
- SHA256
  
  f750a3cd2c1f942f27f5f7fd5d17eada3bdaff0a6643f49db847e842579fdda5
- SHA512
  
  4200be3aa8923ff4af17c1cc831e228ccdbf377f47c082f8a7d45ac8ca950f0c3354072ef986e1947daf25531e153973872de4fc52d8cfee5ee100bdd3283d70
- SSDEEP
  
  393216:OkyM39U9Rt5D66rAzKFNf514GqUL3gYutKJzZWhkvOA8iSeo:OHYU54KFXztLhutKFi4Seo
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32