Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

7da653ba2faf3d8f5b3bc4a0f67c825fa344567e0d0bf434be9df9e897fa3bec
Size

18MB
Sample

220520-qqpb5sggep
MD5

7f040b5829703149d5a6015d76e47b02
SHA1

44efd4a653b67ccd9121118cb04a0a5d7b6ddc56
SHA256

7da653ba2faf3d8f5b3bc4a0f67c825fa344567e0d0bf434be9df9e897fa3bec
SHA512

db88f8fc0c03cbc6264da73d8e5ab906d900882dfbc177af9bc297f82b95d9f070c3bb52bea1f3580e0f6ce739673c6f96df0916b190a3d00bf956897d56b1be

Score

10^/10

xmrig linux miner

Malware Config

Targets

- Target
  
  .rsync/a/a
- Size
  
  876B
- MD5
  
  de5869436d84eee7b336fb5c51675290
- SHA1
  
  4427d10cc48b92208b9d61b45f45b3156e884813
- SHA256
  
  9d4fef06b12d18385f1c45dd4e37f031c6590b080ea5446ff7a5bac491daea50
- SHA512
  
  f26bcbdcf7417308bdec3f3f8b6ef453d2b7417b16d015eeddfc447955068b48667554fd9a1b896ee9d44ac3c2cac54137fc455c45f94251f42e5e3a1e7b6230
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  .rsync/a/anacron
- Size
  
  2MB
- MD5
  
  199ab44a303a5aadf93e5966f6e5cd69
- SHA1
  
  557642c34d62ad35da80486404e40d808f52452f
- SHA256
  
  80b32c058a3f169b5523bcc0cfc8c4100ef0af5ba4ab5be26c9926e51a81a679
- SHA512
  
  5e613befa842995e9f68d6dff6d47b8b7c70240d5c9310361cba0ae351269510361521182b1a8265d01fc77b27bd0a42d75ab9c4427ac36c0835d64d6e6d9b80
Score

1^/10
behavioral5
- Target
  
  .rsync/a/cron
- Size
  
  2MB
- MD5
  
  b97e572ff7fc887edd5085402e0b4e86
- SHA1
  
  a7cd1e37de9b2e38d5dbaeac8124006e27d24281
- SHA256
  
  75dda8e2779e13c234387fe6164ea7a71fe15e9753a6ee687ba5588ba2200463
- SHA512
  
  724c3f2ee4dfda9aa7d452ca3491c13c689cf0bab058193e3097f1146c1b7195f86924c36e25bcb85c95fe5607c8b909f044bb69efababa7a04de471afe02b94
Score

1^/10
behavioral6
- Target
  
  .rsync/a/init0
- Size
  
  8KB
- MD5
  
  b56a122f8141ffd829bf5c1bc6c6eb4e
- SHA1
  
  9df04a110dfe5b810f0ee6856a65e3f004aad585
- SHA256
  
  1800de5f0fb7c5ef3c0d9787260ed61bc324d861bc92d9673d4737d1421972aa
- SHA512
  
  d5d651743b012e12e9c17da3bb97c51a318ca9f0afe5dc75d827b87fc8856e044c18bc880d864a3d85ad712d773b64d400edb691f701e7fc0356e21a6d7a758a
Score

1^/10
behavioral7 behavioral8 behavioral9 behavioral10
- Target
  
  .rsync/a/run
- Size
  
  215B
- MD5
  
  5b63cdc5b5ceef5bde4a2f9672f68069
- SHA1
  
  7491fe2657c4fa2a8d99fcd7a56e38624ff8b7fc
- SHA256
  
  cf4aaf185449bb639ec7e7fab66583488c79526bff02c08154190c66c2cd31b3
- SHA512
  
  e32275e3e15c824c854329401aaece0a0456535ecdb2b296df12ef18f31613cff183fbd4279331014bc332d42f1b8c54e97aecd9029ee70d240c2468851d4551
Score

1^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  .rsync/a/stop
- Size
  
  114B
- MD5
  
  b726837db1e4d3a05a4749fdc7a4f9d5
- SHA1
  
  793d9bb347cdc6bf99a1a6eeff2a210a6f149734
- SHA256
  
  ad46ee339c92694f3d8b072b74eec325e416bbbf305803345d6fc4e787832af6
- SHA512
  
  ce24fcc586b0172409352020c07bb49069fa8ffe7e4fb9c3f350c6b2f02c5a997b83dfb6ce6ac35db168434c7f68d0cd95f1ab198d25f2ee6ab9b13067a7ecc4
Score

1^/10
behavioral15 behavioral16 behavioral17 behavioral18
- Target
  
  .rsync/b/a
- Size
  
  157B
- MD5
  
  17dfec62acb9bc298bb333fbe391f486
- SHA1
  
  960fdc0a9c8dd4879c96ec76f69a9dedc6ec9795
- SHA256
  
  dc43fdfbb5f7e8ecc80353dcd85889c0c08483c99acbce35b3ed8f399c936920
- SHA512
  
  21d49249ca656d3f6ce7a77876796590ae66d31963a6cdf65bb294ca45372e68686f8f7fd846035ed53f1155962447a8054bf2ea081e02fbb4b3fa1b6e376881
Score

1^/10
behavioral19 behavioral20 behavioral21 behavioral22
- Target
  
  .rsync/b/run
- Size
  
  46KB
- MD5
  
  df65e9007bd4dcc0baf140f5c962a5c8
- SHA1
  
  401b0e0fb2e33e11d7e7e831fabd582fb787b617
- SHA256
  
  b68bd3a54622792200b931ee5eebf860acf8b24f4b338b5080193573a81c747d
- SHA512
  
  1f2a578d837c0421f0e4b93bbc467922f636a2fc478aa8774afe8873870a65558157decb4c83fb481145e42d76b381b3204a2d2cba57b45e19c912a25a82ff7c
Score

1^/10
behavioral23 behavioral24 behavioral25 behavioral26
- Target
  
  .rsync/b/stop
- Size
  
  943B
- MD5
  
  7cbfd6268396ad16e1880e6d3f2e2f2e
- SHA1
  
  afe69f1815ab00867789c2668aa0bf566657a850
- SHA256
  
  1c42bfcfb910013ebe02adeb6127884de54ea225161d0a7347c05c2c4e6fbf49
- SHA512
  
  e95a64e24d909b944f5617c4ac30eb1a106d3999473d77e3a9df889143227b87360d438b32da2108756a47c9f2499c0eed5755e1e4faae187b634a5d345f604e
Score

1^/10
behavioral27 behavioral28 behavioral29 behavioral30
- Target
  
  .rsync/c/go
- Size
  
  367B
- MD5
  
  5d4acba577240f8e347b0364a8abcd33
- SHA1
  
  2ccff856965744e3f6121ced00978e496b8bca8f
- SHA256
  
  7e3faf687793496dec294525c1f424824078550c06d89a4118d3011256ab62df
- SHA512
  
  d1723f99306b85c4a5fc5f6d90b02a66aee01d6ca530dfc04730a0fe57fc96499bcda82f96e961e3076039b2d926fe887ba6ebec3fb861cd9ae8fd77f18eda54
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32