Overview

overview

5

Static

static

Mail-IspMa...ile.pl

windows7-x64

3

Mail-IspMa...ile.pl

windows10-2004-x64

3

Mail-IspMa...teD.pl

ubuntu-18.04-amd64

5

Mail-IspMa...teD.pl

debian-9-armhf

5

Mail-IspMa...teD.pl

debian-9-mips

5

Mail-IspMa...teD.pl

debian-9-mipsel

5

Mail-IspMa...ar.com

windows7-x64

Mail-IspMa...ar.com

windows10-2004-x64

Mail-IspMa...irscan

ubuntu-18.04-amd64

5

Mail-IspMa...irscan

debian-9-armhf

5

Mail-IspMa...irscan

debian-9-mips

5

Mail-IspMa...irscan

debian-9-mipsel

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b06f914df919d5f91f24a6b30eacd85b0331b6f8941138ceb268de75cae6494e

  • Size

    230KB

  • Sample

    221126-canh1sgd3v

  • MD5

    748af8173855553aad1dd36e04edfad7

  • SHA1

    ffc14cd50d0f838a7370909602aca6e7f30689f7

  • SHA256

    b06f914df919d5f91f24a6b30eacd85b0331b6f8941138ceb268de75cae6494e

  • SHA512

    ac6a2cc3ce9f0899c492430f212be78840b2132c1507045105bdf3e27c51cba78fe1943317b87be9d0faaec3105a90d6a1b272cdc54dcceefd59cf8fed51637e

  • SSDEEP

    6144:PQUdrFtwd6vBUKFrvPqXI3q6L4kqH8z0Lw6w:JdxtwdiBUKNvPq0qa4kqHaYw6w

Score
5/10
linux

Malware Config

Targets

    • Target

      Mail-IspMailGate-1.1011/Makefile.PL

    • Size

      3KB

    • MD5

      6f753aa3a16b27dce3445f2abb754773

    • SHA1

      b05cf863b5161047fae2fbdac6b87d61b5beb6b9

    • SHA256

      ba7a0f64b2d5d17a298f68e7b7de51c5080e15b38ebffdf7674c1c8fcf26dc8b

    • SHA512

      73c645a44cfc3bfd9184277a48e2bd796790a6930ed28b48bbc97698a90025e27c1d60b4f7939f5b25eb6adbd47a6a2d6480c03bca3fe6944275fd92bd31d617

    Score
    3/10
    behavioral1behavioral2

    • Target

      Mail-IspMailGate-1.1011/ispMailGateD.PL

    • Size

      29KB

    • MD5

      28fc297725fa604986c614ec6a1694ea

    • SHA1

      ea62b41971729cf9daaebc701a530eaed7ae2f98

    • SHA256

      9e5c0cd97de4576ee7b079846f8ac7156c246d038b8df8eda9540d79862267c2

    • SHA512

      2df0591623bbdfdacde870347f349381a09712cdd4f655a7b1bf3548a8805ed17d22908066cef895c4daa14d00e0820a0e0a8136e6abfd454b47b616b285092e

    • SSDEEP

      768:13IOnGFRBK6QZs4eZHWNZWvo2rlPOpZ+qf/jw:pIrFRdQ2HhWjWX4kqf/8

    Score
    5/10

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral3behavioral4behavioral5behavioral6

    • Target

      Mail-IspMailGate-1.1011/t/eicar.com

    • Size

      69B

    • MD5

      69630e4574ec6798239b091cda43dca0

    • SHA1

      cf8bd9dfddff007f75adf4c2be48005cea317c62

    • SHA256

      131f95c51cc819465fa1797f6ccacf9d494aaaff46fa3eac73ae63ffbdfd8267

    • SHA512

      5581f85b25f0d80fa84c69e7ca24d98344f5fbaec45b7707dccf139a8c065961391d6e762516ee1db3137c4d82eca7fbc67c348c37ea0d615bb88161cf3b3008

    Score
    1/10
    behavioral7behavioral8

    • Target

      Mail-IspMailGate-1.1011/t/virscan

    • Size

      152B

    • MD5

      bdca97d928c5c063bdf5b5df0cbba2f5

    • SHA1

      3b240db9375390b7677495753489547b657dbe18

    • SHA256

      60a1bc45d5e9fd1999987f9d4eb14558fa9fb26bb3bb8904d9b4cdf0d7dd2996

    • SHA512

      612214180518696253d4c3c584fc73b126fccd6f68d688ae94d8894645502568e9071657da00a8aabdb58eb6fb4a1d790fa49adbf16ac70fb1e5d46439f41646

    Score
    5/10

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral10behavioral11behavioral12behavioral9

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks