0a47bb8b432a0f90511ce50b6b6bc627ca52151979bbc15a82b52fc8f2a27521 | Triage

Sharing

General

Target

HWID_Spoofer.rar
Size

3.0MB
Sample

220929-v2n8qsbeh8
MD5

32899a11c5eb069df40da6ae54830241
SHA1

43da0ed97c3566c2eab223d0a31e76738f50199f
SHA256

0a47bb8b432a0f90511ce50b6b6bc627ca52151979bbc15a82b52fc8f2a27521
SHA512

8f095a887525a9a0b62b60ce4696128cbc64d5647b01858efd7a00d7e7975f40c58f6f3ffe93f5ad5f71fb3652243ab6004ed22d2e0a948b490962540a5d02a2
SSDEEP

98304:ZqnCxzgeSSJV+AFrGqoTvE6EAjELCZctIKpV+T3sZc:A0zgePVM9E6EAwLRUL

Score

5^/10

linux

Malware Config

Targets

- Target
  
  HWID_Spoofer/.git/hooks/applypatch-msg.sample
- Size
  
  478B
- MD5
  
  ce562e08d8098926a3862fc6e7905199
- SHA1
  
  4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd
- SHA256
  
  0223497a0b8b033aa58a3a521b8629869386cf7ab0e2f101963d328aa62193f7
- SHA512
  
  536cce804d84e25813993efdd240537b52d00ce9cdcecf1982f85096d56a521290104c825c00b370b2752201952a9616a3f4e28c5d27a5b4e4842101a2ff9bee
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  HWID_Spoofer/.git/hooks/commit-msg.sample
- Size
  
  896B
- MD5
  
  579a3c1e12a1e74a98169175fb913012
- SHA1
  
  ee1ed5aad98a435f2020b6de35c173b75d9affac
- SHA256
  
  1f74d5e9292979b573ebd59741d46cb93ff391acdd083d340b94370753d92437
- SHA512
  
  d6bb7fa747f4625adf1877f546565cbe812ca7dd4168f7e9068e6732555d8737eba549546cf5946649e3f38de82d173aaf9c160a4c9f9445655258b4c5f955eb
Score

5^/10
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  HWID_Spoofer/.git/hooks/fsmonitor-watchman.sample
- Size
  
  4KB
- MD5
  
  ea587b0fae70333bce92257152996e70
- SHA1
  
  118ff5509f187039734d04456bf01e44c933ac19
- SHA256
  
  f3c0228d8e827f1c5260ac59fdd92c3d425c46e54711ef713c5a54ae0a4db2b4
- SHA512
  
  f5a4d2bff93161eb61b9902ff74d5ee20de3316f2b1c5ad49299deaf1adf231848c5501b6e4a840e5b898791f86c66eed6f3b05ff573073674177a33a1f2ae9c
- SSDEEP
  
  96:GFCscBOvOFXDgRvi/3eCwX9PlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRamCwX9PqRo7geEk3IzCa
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral9 behavioral10 behavioral11 behavioral12
- Target
  
  HWID_Spoofer/.git/hooks/post-update.sample
- Size
  
  189B
- MD5
  
  2b7ea5cee3c49ff53d41e00785eb974c
- SHA1
  
  b614c2f63da7dca9f1db2e7ade61ef30448fc96c
- SHA256
  
  81765af2daef323061dcbc5e61fc16481cb74b3bac9ad8a174b186523586f6c5
- SHA512
  
  473ad124642571656276bf83b9ff63ab1804d3c23a5bdae52391c6f70a894849ac60c10c9d31deff3938922ce83b68b1e60c11592bbf7ea503f4acd39968cefa
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  HWID_Spoofer/.git/hooks/pre-applypatch.sample
- Size
  
  424B
- MD5
  
  054f9ffb8bfe04a599751cc757226dda
- SHA1
  
  f208287c1a92525de9f5462e905a9d31de1e2d75
- SHA256
  
  e15c5b469ea3e0a695bea6f2c82bcf8e62821074939ddd85b77e0007ff165475
- SHA512
  
  cb78aa7e9b9c146e5db65d86dd83f04e2b6942a06fab50c704a0fd900683f3b6ad1164e74afe2f267f6da91cdff0b9ab07713e12cefc6f8d741b5df194f4fda6
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  HWID_Spoofer/.git/hooks/pre-commit.sample
- Size
  
  1KB
- MD5
  
  305eadbbcd6f6d2567e033ad12aabbc4
- SHA1
  
  a79d057388ee2c2fe6561d7697f1f5efcff96f23
- SHA256
  
  f9af7d95eb1231ecf2eba9770fedfa8d4797a12b02d7240e98d568201251244a
- SHA512
  
  7cfb0a58abed1915ee1b261a1c661c7e2deea4e9227f77f5875af1a25c82e19245ba12dcb2f5052d994d0e81a3465daf37f9d8c670e17f9c96742f60fdfaaa56
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral21 behavioral22 behavioral23 behavioral24
- Target
  
  HWID_Spoofer/.git/hooks/pre-merge-commit.sample
- Size
  
  416B
- MD5
  
  39cb268e2a85d436b9eb6f47614c3cbc
- SHA1
  
  04c64e58bc25c149482ed45dbd79e40effb89eb7
- SHA256
  
  d3825a70337940ebbd0a5c072984e13245920cdf8898bd225c8d27a6dfc9cb53
- SHA512
  
  e4dc204494f5062efa3032b00c64707a4f38978040482501b3e085f071e3ee5a9737d537e6a52002ceb4ebe2bfe09e555c5d969581e80b3eba2a922015c67960
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral25 behavioral26 behavioral27 behavioral28
- Target
  
  HWID_Spoofer/.git/hooks/pre-push.sample
- Size
  
  1KB
- MD5
  
  2c642152299a94e05ea26eae11993b13
- SHA1
  
  a599b773b930ca83dbc3a5c7c13059ac4a6eaedc
- SHA256
  
  ecce9c7e04d3f5dd9d8ada81753dd1d549a9634b26770042b58dda00217d086a
- SHA512
  
  cc98bbe0e3865e2023af04416e10689e3aecd3f3928cf90c2acc0d3d7306388886779025c8967c8ea198af1f4fe29d16c65d4e1d546c7a8fa513f5ba7df16850
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral29 behavioral30 behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32