0ff8bee4e6a94db06262320774c0babf688c2f47192e62d5712738ac18f00c47 | Triage

Sharing

General

Target

Fish-Spoofer.zip
Size

15KB
Sample

241006-kw8ebawgnk
MD5

dae2a9ce00fa1c61e14d7c8cc00fc2d9
SHA1

5c79e248120a0af519b75fa27cdd4bf2211eed21
SHA256

0ff8bee4e6a94db06262320774c0babf688c2f47192e62d5712738ac18f00c47
SHA512

ec28c4e004f9c0a4a2bc9067907ee822d8806aa8b60847b1ed6403c9156af9a5099e5f03529c48ff51bfa98f1d7140a7872c1570ac8edc743956de9fe40c7709
SSDEEP

384:bbyLpzFXXAy5bpOc+FcXYBwvY3Q0sXSeNwZyf/O/XYrm:bbyLpikL+UggtXPNwZySYrm

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  Fish Console Lib.dll
- Size
  
  19KB
- MD5
  
  225896e547bbaeb18896313ae4617eae
- SHA1
  
  15e6d360ccdd1e28c2a479c348a4af07d6d8a644
- SHA256
  
  5ce2af9c97246968f5ab1a9da9d60400c438d65b26f4644277c7673f3644ae18
- SHA512
  
  adf9244a4dc7a6c5a34687be803229aa2f5358cd91232fa10ac90e47f39209bab18987070a9b5cfe775865d018df655b6d651c6c3262cfdf3523dc99a7e1b347
- SSDEEP
  
  384:YI1VoWPxDzc4sCadq/blvZkNHioEruX20nXROFsVahZ7:YwdZbszq/5a77XbXROFsYhZ
Score

1^/10
behavioral1 behavioral2
- Target
  
  Fish-Spoofer.exe
- Size
  
  19KB
- MD5
  
  5b26c7f570157e727ad879566d03233e
- SHA1
  
  1ddc10eee002147b02f6d3b6dcdc6de25a17319e
- SHA256
  
  7ffc6990f8c8482b2400354ce2f1839fbf74afcfe13b6613da56a6d854eefeb6
- SHA512
  
  1eddea9bcc8422c34879c888b3a38f0c069ff5de8e8b19c878e88dec48f5cd6929f0a2c5b0e49572af54986dcc78d697b4a9cdf41b3c45a55a7a1b2550e6486e
- SSDEEP
  
  384:ElADMr9qbL8j5ARr6RJYpWkyZ0bTE6YfEd3Y88XWnHVu:ElNAQSRuRaMkZbT40r8XWHY
Score

8^/10

discovery persistence
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

discoverypersistence