Overview

overview

5

Static

static

s/go.sh

windows7-x64

3

s/go.sh

windows10-2004-x64

3

s/ps

ubuntu-18.04-amd64

s/scan

ubuntu-18.04-amd64

5

s/scan

debian-9-armhf

5

s/scan

debian-9-mips

5

s/scan

debian-9-mipsel

5

s/ss

ubuntu-18.04-amd64

1

s/ssh-scan

ubuntu-18.04-amd64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3cca4da1d1f024287dd8309229262c26d29215f9b47acb3ad761bbcb2ab89d82

  • Size

    1.3MB

  • Sample

    221126-mpevjaaa96

  • MD5

    c007a3cd015e2494105214a805638942

  • SHA1

    03f78270ae99cfa774075820af8972f025088a96

  • SHA256

    3cca4da1d1f024287dd8309229262c26d29215f9b47acb3ad761bbcb2ab89d82

  • SHA512

    af8252e681e822c9685025abd7c5dd68d5fd106b96b0d4bc77b98c63d7f921319a3fed4843431fdab83c40e476b2eae23330c9ddedcc8289cfc737ceb0669633

  • SSDEEP

    24576:68dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ+eMWyO:7zG9LvDbalG04rb6oZ4EQHQxMW

Score
5/10
linux

Malware Config

Targets

    • Target

      s/go.sh

    • Size

      125B

    • MD5

      f8dab7c30afe989a3324752b9703449d

    • SHA1

      487bc217f6f2415431a9134612aa0f4b14a8afa9

    • SHA256

      be8424f3c8f6b8cdeb743d00a4891925704e9066f682efa26e22c860200cfc2b

    • SHA512

      d384ac879447df1d94888c292ae670f4c03e5eb907d9c3bfa436acd7727ab625d45c506d525c57bcee73c0e7de368c70a88216406cc7e95a75d7de2ffe28d780

    Score
    3/10
    behavioral1behavioral2

    • Target

      s/ps

    • Size

      15KB

    • MD5

      a7001e857219d7cc063f670f2f8f7195

    • SHA1

      2447d9fc5f75acf69c10e17d5683a6d7c0c1722a

    • SHA256

      26547f0ed767169c202ecff54d5c078b96ce92f69c4e6261bdc5d8a4cfc1ee1b

    • SHA512

      3aa15455106f0ccf69fca447c4dc8b4e470834e1905219fd111af7bb2804e7a6dac4aa0adf53ea02fd3b2ac7cd44a7260931f3cf35b6e5b9a427fe626a546ec8

    • SSDEEP

      192:fCrBvmXN2QcgUy26zYpCKoHWe2eTo0ULJDpNIAozhpmNK5coEKwMGPP:fCVOwgUyi8HhTvULJDzzes85rEKwM+

    Score
    1/10
    behavioral3

    • Target

      s/scan

    • Size

      1008B

    • MD5

      faf6a155217cbcfbbe5f6b3e1e02b9fd

    • SHA1

      deabd1429a632f18f4c160b390347b687582cf55

    • SHA256

      b22dce250e430bc24977fed7c49ee8cb2835392bc4864d5d2786033394953182

    • SHA512

      14085cdf189ce3355af6eedbcc731439a89212578f77af262309041b2c1a578ab0fc643aac9fe3d5edb841248020a13613630b8ad973d51dc8f40d456a72e041

    Score
    5/10

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral4behavioral5behavioral6behavioral7

    • Target

      s/ss

    • Size

      443KB

    • MD5

      b51a52c9c82bb4401659b4c17c60f89f

    • SHA1

      b45ae5d8d3069ee7f880dd461c931fa711b6ad3d

    • SHA256

      97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762

    • SHA512

      600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68

    • SSDEEP

      6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq

    Score
    1/10
    behavioral8

    • Target

      s/ssh-scan

    • Size

      822KB

    • MD5

      a213ebd69fbc11d612d0374b373f65d8

    • SHA1

      4f64a5b07b0c128771ea21bf4aa15610fc6b071c

    • SHA256

      93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd

    • SHA512

      eb1f005984d50cfd40f26730e8206d9455c1f3560ba90338019911987d2c401e93e70c7565ac68c291a19e04d346fc01cc7b8eaa57942bbcad5d64ab543ad5a3

    • SSDEEP

      24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ:dzG9LvDbalG04rb6oZ4EQHQ

    Score
    1/10
    behavioral9

MITRE ATT&CK Enterprise v6

Tasks