a964201b566632ce76139f1a34be92a4d9c8166546426d64a6b1795cf52669b6 | Triage

Sharing

General

Target

slinkyloader.zip
Size

17.4MB
Sample

240721-kd49yayenr
MD5

efd88c8bb5f2cf4f992f8d9069cab941
SHA1

f395f08785ed4309df4619cc77ba10395ce851e1
SHA256

a964201b566632ce76139f1a34be92a4d9c8166546426d64a6b1795cf52669b6
SHA512

8ecc5a44c807cd4406eff3c2d9279b3239588b34472006488bcedb5932e370d1d44c29e5d60440a2e0a88a24c88e3c5c4c127c89fc9a469bd8b74b780596c5fe
SSDEEP

393216:hs0RLiACVFMbXoHZbCqLAzwPzx6XFy40Fmhwzdr4/G1fWbFAtsm1Ax:bOACIb4HZbyU7x6Xc40AGnWAt6

Score

6^/10

Malware Config

Targets

- Target
  
  slinkyloader.zip
- Size
  
  17.4MB
- MD5
  
  efd88c8bb5f2cf4f992f8d9069cab941
- SHA1
  
  f395f08785ed4309df4619cc77ba10395ce851e1
- SHA256
  
  a964201b566632ce76139f1a34be92a4d9c8166546426d64a6b1795cf52669b6
- SHA512
  
  8ecc5a44c807cd4406eff3c2d9279b3239588b34472006488bcedb5932e370d1d44c29e5d60440a2e0a88a24c88e3c5c4c127c89fc9a469bd8b74b780596c5fe
- SSDEEP
  
  393216:hs0RLiACVFMbXoHZbCqLAzwPzx6XFy40Fmhwzdr4/G1fWbFAtsm1Ax:bOACIb4HZbyU7x6Xc40AGnWAt6
Score

4^/10
behavioral1
- Target
  
  slinkyloader.exe
- Size
  
  18.4MB
- MD5
  
  a2223005e6d186689577e5a2b785a16b
- SHA1
  
  1075e177247880d3e1ec940623500bf2e9b275e3
- SHA256
  
  cef5b60321f17991400a19072052535638c0a5c02d338234686552deadeea82e
- SHA512
  
  073f8e682d2468bfe7d55b82cf0ff5dafd2754da2813de2116551e2811809debba7f06c5d8ed5901a59703bfb306fd5fd05d9d1e797bf9e7887826709c6993c6
- SSDEEP
  
  393216:cKRqNWNKROYkhkpXorNv+oXsDS3LNK3HOU6x0pW/lJktSrZPLAB:/ANWKRrpYrNvou7NK3uU6E29dPL
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2