6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe

Resubmissions

19-07-2023 21:16

230719-z4frlabb95 4

19-07-2023 21:13

230719-z2sndabb89 5

11-11-2022 04:56

221111-fkt1bsbcbk 5

Sharing

Copy URL

Twitter E-mail

General

Target

6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe
Size

20.9MB
Sample

221111-fkt1bsbcbk
MD5

288fc7f27729206ff3aec044be5cff57
SHA1

cbb4c45ba4063b3af5e666856a469e8dbfc5ee9b
SHA256

6af509a247fccfa95589e9624b3d7a0c6f903822efb432d71e079272582f7fbe
SHA512

84e53c04ac3f0f4ce05b06d64d2ce38a680ac151d27528e9822d438183e0476a63f77d47b31b80d87db6c84ea69e0c626a51457ff3ed8904599a78becd21a943
SSDEEP

393216:kVMLPujfkHnqlUwberJ5KAwy/vl68vOSC8KAw4PYqzsyxH:kVMCjMHqlUwOOK/vg8OMhPYqzsCH

Score

5^/10

Malware Config

Targets

- Target
  
  var www html kemhan/.kemhan.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral1 behavioral2
- Target
  
  var www html kemhan/2022/.2022.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral3 behavioral4
- Target
  
  var www html kemhan/alfacgiapi/.alfacgiapi.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral5 behavioral6
- Target
  
  var www html kemhan/alfacgiapi/bash.alfa
- Size
  
  1KB
- MD5
  
  501e2358a0f82d8289dc51958bd81beb
- SHA1
  
  ddbf3f121acff0c651dcea118333f610cc98b0c1
- SHA256
  
  1bbacae70b0e11e051783879bb63f667b4ee88b6b5676eabc7b09ea9afbc113c
- SHA512
  
  7e96a386e687738b404a06f54c96a690fa7c9c181969c68f4c72994a32286c33266303434c85ce117fa60ef326a626cd05fd5a1aafe653e29c972f336e284755
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral10 behavioral7 behavioral8 behavioral9
- Target
  
  var www html kemhan/alfacgiapi/getheader.alfa
- Size
  
  1KB
- MD5
  
  01a42e0608773366da0e371d6caa8a6f
- SHA1
  
  0d8cf10c87d51c02cbf2eeb3c3dd772e6ea74f4e
- SHA256
  
  0b770d781067f06f847e7971a31bedee8c20c1f180e116cedeaa1c48697d7085
- SHA512
  
  cf32e360ec5c8811dd3ac13c80af60ad904233e6545766366403bd7f2f790c6ed595211045567de96481c412479be5fecaaa506a7324023c88558a6403732a51
Score

1^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  var www html kemhan/alfacgiapi/perl.alfa
- Size
  
  542B
- MD5
  
  8a3657a582ae4b798dff61233e589069
- SHA1
  
  d476b323caa8be04324c59695c5a37acfa089851
- SHA256
  
  f82fd317860454606003aa9dc7efde284d851424730e229f19c50d60206311b8
- SHA512
  
  4795bbda4c3060926e090a9a78e0ce29bcd83d1c39ea8d5607a793da47c71776acd7ef37982c27c82ca6efe022978dc1f233d92f1f38a2e3eb4223c6237a5215
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral15 behavioral16 behavioral17 behavioral18
- Target
  
  var www html kemhan/alfacgiapi/py.alfa
- Size
  
  463B
- MD5
  
  c5dcb1cdc47f271f42448a5298147924
- SHA1
  
  6dd5a25833ef3a5ac4cb716564f205d63cf6c674
- SHA256
  
  a2b2d11669115dab24ee1f82295fce67f1f93e316efe11a2c95018491e5cc484
- SHA512
  
  698b1ceb97640f11af8c95d4b7ca40980cae3b3d586da6c63c2490487a228314a1cccbe40665ddea3ba28b9ba50913af38e33dd44bf346f187667f591f03bb22
Score

1^/10
behavioral19 behavioral20 behavioral21 behavioral22
- Target
  
  var www html kemhan/arti-logo-kemhan
- Size
  
  52KB
- MD5
  
  8641a5cd837ad97af64cd67ed47fcb6a
- SHA1
  
  f09b91cf7159a5a49a5706304f4f9c1837aaa4f9
- SHA256
  
  67fb4d3918f0a6b62a127badbe8b6380bc118a4613ad83c463349074c0528e86
- SHA512
  
  652e56e5a69c791abf3cbb7170ffc9ddd93d45af381b125d4cb565420917f862897e2f97b74deb88b2bf785e7b9912b51bd0dc42a71c16d6a4f8c6eba1f876a7
- SSDEEP
  
  768:xPMkujO/TfM9REwGD/sgEtaxhaT131xQRcCeq60aP3P/gQpsFOY:xPMkCO/TfM9REwGD/2tfH1fngx
Score

1^/10
behavioral23 behavioral24
- Target
  
  var www html kemhan/category/.category.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral25 behavioral26
- Target
  
  var www html kemhan/category/berita.html
- Size
  
  68KB
- MD5
  
  b9f988d882234081c46cd744720fbe88
- SHA1
  
  670f57b854e4352b71b45c08943de31271346e8d
- SHA256
  
  d34c4e2745f3bd6dca312af32a14e38836e314906271aa4f02d64372aa6d969d
- SHA512
  
  febc806f371a6969700a712ccbe1eb4369f13dd33fd50ccbc278ce945c75130c3f8582bbd5bb4459ad06ca4670d8cf6a8144c7cc49e153dfced93c64c4aad05e
- SSDEEP
  
  1536:BPM+UXmC4BaAnDjYkBtCIRbOqL0PlLZd3MrN:MmC4BaAnDjYkTrN
Score

1^/10
behavioral27 behavioral28
- Target
  
  var www html kemhan/category/foto.html
- Size
  
  65KB
- MD5
  
  b592d1499fddc236192b42ee031cfc70
- SHA1
  
  9a858fadae129a94bae8054bf7250df772243436
- SHA256
  
  6e0b974f966f578469ee922358a302712691319f2f7de5edfd58c187e774198b
- SHA512
  
  025b5992a0eb01e1ccd02d2fc7705bd5eb7311b66b4749f21720a1e26dfc39e81b414e5491534bf74f570daaecdef1b1ccbedec1f51c4d23587b85402be31b54
- SSDEEP
  
  1536:+PM+UXmC4BaAnDjYkst+QDXibfHpZ8MrT:dmC4BaAnDjYkkibfHVrT
Score

1^/10
behavioral29 behavioral30
- Target
  
  var www html kemhan/category/foto/.foto.php
- Size
  
  3KB
- MD5
  
  bf52ae0dd3192b230f43d1a1437c7ed7
- SHA1
  
  dfd80591c9b8b9f5566ea3d23567d600d9a8efc9
- SHA256
  
  b45fc7c8b72d4f712213bdcfbee13f76ffd05796a4435836ac8d941967b3ee1c
- SHA512
  
  fd458173f9cc69785baab847d6c9f2592b48213bd07ca7454a1febb15ae13b10ee2aaf3f22402dc730d036a29ffc3fd1c945c25092d50b470c2a19c45430ab40
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Writes file to tmp directory

Writes file to tmp directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32