888rat | a63cf7d5defb5312767bda89a219d79201c420e64596944fa58b9c57de74d069 | Triage

Sharing

General

Target

2024-10-01_9ddecfb5cdc6b0de55af64420cbeba1b_blackenergy_hacktools_mamba_nedsym_ngrbot_pos_trickbot_utkonos_webshell-shell_wirefire_zcrypt_zxxz
Size

5.0MB
Sample

241001-e6mbya1bkq
MD5

9ddecfb5cdc6b0de55af64420cbeba1b
SHA1

e0eec08b09bfdb96852284a9f861f737fb94a3b1
SHA256

a63cf7d5defb5312767bda89a219d79201c420e64596944fa58b9c57de74d069
SHA512

dacfbfb42d8ef3945e5825f490e75c85d30c73f091f15026998ea936e488ce09c174f455286c6456a34758aa312779432df50470df4db9fce2bd883009f2e042
SSDEEP

49152:4WSFAA/DFbf43+P6LCrh59Jls1iYhYWYHxhrLEVUvZWlarmAeLzC/QRm0iYm6qQo:oNDrSqh6AemVVHJZ

Score

10^/10

888rat discovery

Malware Config

Targets

- Target
  
  2024-10-01_9ddecfb5cdc6b0de55af64420cbeba1b_blackenergy_hacktools_mamba_nedsym_ngrbot_pos_trickbot_utkonos_webshell-shell_wirefire_zcrypt_zxxz
- Size
  
  5.0MB
- MD5
  
  9ddecfb5cdc6b0de55af64420cbeba1b
- SHA1
  
  e0eec08b09bfdb96852284a9f861f737fb94a3b1
- SHA256
  
  a63cf7d5defb5312767bda89a219d79201c420e64596944fa58b9c57de74d069
- SHA512
  
  dacfbfb42d8ef3945e5825f490e75c85d30c73f091f15026998ea936e488ce09c174f455286c6456a34758aa312779432df50470df4db9fce2bd883009f2e042
- SSDEEP
  
  49152:4WSFAA/DFbf43+P6LCrh59Jls1iYhYWYHxhrLEVUvZWlarmAeLzC/QRm0iYm6qQo:oNDrSqh6AemVVHJZ
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2