stealthworker | threat_file_fetch_1516774304877399997_24-09-22_19_59_51[.]zip

General

Target

threat_file_fetch_1516774304877399997_24-09-22_19_59_51.zip
Size

3.0MB
MD5

b10f6a4c55bcde26872296a40c38e8e7
SHA1

de6fd3e2ac1f6b3f22c3c180337b96746afcd8de
SHA256

a8c6835c75b7ef04eb222503f3ba0047d21960e79cb37ccf9436810bcdd50b9c
SHA512

68cc7039831163a50aca4c4d52ec5c5562b6a451321f62912e768c91fc139e94c1fbb5cc66baeb2ad1d82bc42840f70f4fb5642b2b2cd48b36786fa4116628b0
SSDEEP

49152:zftqKYkQUplpfnZAFBcwXxDZ6xcH7wsjdIi+2Jj6O47fEhCPV1QFzIR703ZVg9:ZdYRUpl3ABXXWtsjdIi+LJfEgPV1f434

Score

10^/10

StealthWorker payload 1 IoCs

botnet

Processes:

resource	yara_rule
static1/unpack001/home/autoescuelacord/public_html/httpdocs/wp-content/uploads/2019/05/jqUisJ	stealthworker

threat_file_fetch_1516774304877399997_24-09-22_19_59_51.zip
.zip

Password: Infected123$
home/autoescuelacord/public_html/httpdocs/wp-content/uploads/2019/05/jqUisJ
.elf linux x86
manifest.json