Overview

overview

6

Static

static

cf79606eae...9b8dea

ubuntu-18.04-amd64

6

cf79606eae...9b8dea

debian-9-armhf

6

cf79606eae...9b8dea

debian-9-mips

6

cf79606eae...9b8dea

debian-9-mipsel

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf79606eae2e092774cd526aab8792b57ad36b6ab85cd7522cf04f57289b8dea

  • Size

    1KB

  • Sample

    221125-yal6vadd8z

  • MD5

    3b2586fd81c0ca699acfa342ca7e248f

  • SHA1

    25d0f7abafe4e229c1aeaed0137988628263f63d

  • SHA256

    cf79606eae2e092774cd526aab8792b57ad36b6ab85cd7522cf04f57289b8dea

  • SHA512

    eb969364b7b884a2038180d2b6511db1eca0abff69147f63750347d3b9dc0ec37689939927f398e86acdb74e630fe7a071462e739cc502d8e26b2b3f3c37086d

Score
6/10
linux

Malware Config

Targets

    • Target

      cf79606eae2e092774cd526aab8792b57ad36b6ab85cd7522cf04f57289b8dea

    • Size

      1KB

    • MD5

      3b2586fd81c0ca699acfa342ca7e248f

    • SHA1

      25d0f7abafe4e229c1aeaed0137988628263f63d

    • SHA256

      cf79606eae2e092774cd526aab8792b57ad36b6ab85cd7522cf04f57289b8dea

    • SHA512

      eb969364b7b884a2038180d2b6511db1eca0abff69147f63750347d3b9dc0ec37689939927f398e86acdb74e630fe7a071462e739cc502d8e26b2b3f3c37086d

    Score
    6/10

    • Reads CPU attributes

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks