38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981 | Triage

Resubmissions

02-07-2024 23:48

240702-3tl3eawdpf 10

02-07-2024 23:39

240702-3nl58awbkg 10

02-07-2024 23:36

240702-3lzzaszekr 6

02-07-2024 06:39

240702-heslesvapn 10

02-07-2024 06:28

240702-g8c76atgjr 10

02-07-2024 06:22

240702-g4z65azepb 6

02-07-2024 06:05

240702-gs9leszbja 6

02-07-2024 06:00

240702-gqde7szaje 8

Sharing

General

Target

piggy.png
Size

1.3MB
Sample

240702-gqde7szaje
MD5

db441b970d8b070324fad09acb7ca77f
SHA1

d71a69ffc7c67b2bc338d809b2a7933d1139638a
SHA256

38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981
SHA512

49b8b422831afec6f9600f9ee03b6ff237abf548ffecb607a38992ae72c6d27820e980e79217c784b13b6df70d56482b26a06f058bb00a326e1564f7fcb1b55d
SSDEEP

24576:bNkiU39wq+8/EV7QXZyP2wWYMmxtJMdhBgf0n1BcFvnbz:bNV09wq+gECnGfJ0Bu0n1OZP

Score

8^/10

Malware Config

Targets

- Target
  
  piggy.png
- Size
  
  1.3MB
- MD5
  
  db441b970d8b070324fad09acb7ca77f
- SHA1
  
  d71a69ffc7c67b2bc338d809b2a7933d1139638a
- SHA256
  
  38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981
- SHA512
  
  49b8b422831afec6f9600f9ee03b6ff237abf548ffecb607a38992ae72c6d27820e980e79217c784b13b6df70d56482b26a06f058bb00a326e1564f7fcb1b55d
- SSDEEP
  
  24576:bNkiU39wq+8/EV7QXZyP2wWYMmxtJMdhBgf0n1BcFvnbz:bNV09wq+gECnGfJ0Bu0n1OZP
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2