38facb965b81f50688bc6ae1ae6132e2cf87679b3e60fdd96772c2c5a81411b1 | Triage

Sharing

General

Target

InstaReport-main.zip
Size

343KB
Sample

221129-pqay3sce2z
MD5

298aefc8595746b8ecbce4ae84bd8861
SHA1

879c3d3b118864ec7d13e1c2940bfcfa990da622
SHA256

38facb965b81f50688bc6ae1ae6132e2cf87679b3e60fdd96772c2c5a81411b1
SHA512

9e400a3b5b0a26e6a4f7e4b2fd7f6ff053f6f24fad9284e1e2140182e433a8292f47f5d18e5a29fb14612242ae3f2b5ed128d944476a6de930eeca0ec6ac4f25
SSDEEP

6144:lpETPTWErvhX1mYBkKFSWn5K5CdIgMYVkfP8e1FJoD9pv+Ko4wivIlDATP3tyl5i:lp0PTWEvyYGKFSG5K5xjYVCUe1Dc/vIM

Score

9^/10

linux

Malware Config

Targets

- Target
  
  InstaReport-main/ReportBot.py
- Size
  
  13KB
- MD5
  
  7d04b6ddbe3e69bbb820756d66d31d4c
- SHA1
  
  624f42df2970a9481c4b1fbe59843259fe86f394
- SHA256
  
  97f1fd10d98cb62adec25e09cf6d702ceed4631e3694ba8ce8d4d2fc6b8d7298
- SHA512
  
  832253641db15c64a7869664ffe753b8fdded10388cb1aa585acffb8c4b7579a6fa301646a59c890d5726cc5651b8dddbe93d1163c5927e87836c375c5bb385a
- SSDEEP
  
  192:/OpQN/kph0/XCyHozrq+DlOTx10fqKPFaUUUEWt:/iQN/y0PCyHELDlON10vPmWt
Score

7^/10
- Write file to user bin folder
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  InstaReport-main/about.py
- Size
  
  1KB
- MD5
  
  4c3bf3d42ba8c438c41c9af3e8639e10
- SHA1
  
  c9ef6612a260c2138043977f131239a1044e8c70
- SHA256
  
  be8350739e563914b0ea6c370a36754ca93ef0fdc703cec7731dfb826f603a72
- SHA512
  
  72aabf8def0e95dbfaf610672e646cd8c8fa4519b398b33f306936fbd100075f7770ff61dc16c23ecb1a1d13a996841f14af931f0ce4973adaa34d9e3c286810
Score

3^/10
behavioral5 behavioral6
- Target
  
  InstaReport-main/help.py
- Size
  
  2KB
- MD5
  
  ce9c46563d9289f7504833aa661f38b0
- SHA1
  
  54d3c72d55a5e1ebf210e7c1bed7c2f9143e8476
- SHA256
  
  3bc3fa6667544247c8b3d22984a6515c246a7e4c649e7cd358579775daf13ef5
- SHA512
  
  74098a53784db3eb40dde5e79192f5188c1f693d547221c45f4dd40be625832632c577039521e4eb030f203dd98a6da615bc332ae33c05c05270d66d826271d0
Score

3^/10
behavioral7 behavioral8
- Target
  
  InstaReport-main/libs/animation.py
- Size
  
  3KB
- MD5
  
  4faf674fa9ea3749a7e1a3dba7c3cf29
- SHA1
  
  89102286763710bf12c90ed745822af198f61a53
- SHA256
  
  bece902bc4d6d7590695d7bb5311fc0c2159183a987e22a998d304f2b5f49afc
- SHA512
  
  320242e8581977711feef9071dd135ab5ffbfec6af231422e007deddd1c999d31d8b1ba9785e429cd20e5a61dbf57da183b9d07cbe5ea0547486c1bf9bc7dfaf
Score

3^/10
behavioral10 behavioral9
- Target
  
  InstaReport-main/libs/attack.py
- Size
  
  11KB
- MD5
  
  71724849343d08bc8d4f099e3b5761b7
- SHA1
  
  25bf72238e11631b6fc81e83132f22e9a40416ff
- SHA256
  
  b07b523f43aaed463ec13152659834f64771463e5faccce7c264b518930b4cb7
- SHA512
  
  0726da0efceaf4f77e5c009d2e0e4d1ae9f8ce22f48bee87ed1e7c46918a689929fc1057a65e954ef23bbdf007919f0df3dde8d946f5fad92dfe5a0bc93a7422
- SSDEEP
  
  192:jlra1P9SymG2W90kfMBIb8fLvqVHD3HUtENWfEob00n1jRBh9hmKyAVp5+3HYyAB:jw1b2C0kfOfbcHD3HUtsFX0n1vwH2p5b
Score

1^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  InstaReport-main/libs/check_modules.py
- Size
  
  1KB
- MD5
  
  ed98a755d81328704d3e1bd562b7d135
- SHA1
  
  a12cf1b89fabeb6542749eac317337e3d1e5196d
- SHA256
  
  c89e64698af832a753b861a9e8115da6beec9c0c896510855fb20ed44f26e47e
- SHA512
  
  d7f6c8144af8b2e5b4ee3e27406cb96d3622d496c4765cc8c62dc4c05f499589fd61757ad34a47ef0de7315bfd96bfef66dbf139b9703f5bc0987bdddee76554
Score

3^/10
behavioral15 behavioral16
- Target
  
  InstaReport-main/libs/logo.py
- Size
  
  3KB
- MD5
  
  0845527c90104341891818ffd3bffb5f
- SHA1
  
  f59f9fe23c5dd15312cc507ad24d7d41c7262334
- SHA256
  
  896c1b95265a08cc1da6c5cd26fc25b2347ded2c90b27ada9c1b35152f9acba3
- SHA512
  
  d15c766f62ea6bed97f04ab13a9f398102c553b25743ad6f04c9b7ee50c762a63bd61cf2f67cde216b4dbad3e63f78cc9fe6867d1115e66a1232f35e74aaedf4
Score

3^/10
behavioral17 behavioral18
- Target
  
  InstaReport-main/libs/proxy_harvester.py
- Size
  
  5KB
- MD5
  
  f09668f57c9efeba7d03a3816f5198f3
- SHA1
  
  fd60c8ecc498d59bf4673fcbf525980e62d2b374
- SHA256
  
  bf61a917f402f5ec1064f235eb4318e8bcaa5ca651eaba366485ba46551f296d
- SHA512
  
  2e4663695777238f667113ed2e0f2d6f5eddd8baa0008267b78e4dc059fc16b18c87dd6dd2750617b2c0a805f8690d34a3f814c703d65ac664c375c122986fef
- SSDEEP
  
  96:lG2Hnwnqi69WN8dEGdZNXLI4PRrdEfPxDPird5EdeP20rdwBP2brdd3I3Mdc:lGQ3WN5NfPxQEdde3I3Mm
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral19 behavioral20 behavioral21 behavioral22
- Target
  
  InstaReport-main/libs/user_agents.py
- Size
  
  97KB
- MD5
  
  15d8111386154c81743b64e71e2ebb26
- SHA1
  
  1ed34a74c4835d1d7758c46fa715598f6298bfbd
- SHA256
  
  8fdff2cef1891628acc3a752c75623c8a2b9c6d0ff116667237f0f576b466d21
- SHA512
  
  7158cdf2bfebf3ae4ec3be1e62f3c0d2a3016fce914ad7cc5542490bf19c4dd84fdcf5be4398071eff984ae423d6769d579c1f83f2a4e00bd944c8f9b7753660
- SSDEEP
  
  192:wxG3Xkp4wvXG9mkbqukljzUwgIJaRgCaHUw5fUdIo+ibp32UffoiszT1Bnqo5mCq:8UGo+ix2UffoHKC5POlPw0V
Score

3^/10
behavioral23 behavioral24
- Target
  
  InstaReport-main/libs/utils.py
- Size
  
  1KB
- MD5
  
  4e8efd84bd5191b73e8ff875a25d5024
- SHA1
  
  f8c7d50ca00f069d8599ab237022e244eab043b6
- SHA256
  
  4150f896791853de4ce479d43e211e8c8ff6f2f3b7e4b9b129d5c9ffe3cb0667
- SHA512
  
  58d61606e66f1f9159b699be15e78ee0f3d0ddc137ecf42dc05324799c70283799abd231e904c7c98032d0b441700e9e55c88fbd9cb7d4ae99ae44859e6543ed
Score

5^/10
- Drops file in System32 directory
behavioral25 behavioral26
- Target
  
  InstaReport-main/setup.sh
- Size
  
  3KB
- MD5
  
  8415dacf6557b40ed2b5d5ccb175c741
- SHA1
  
  7fd7b3d7f0409644a48fa4cdb0e1c9b3ecbfcdba
- SHA256
  
  adb621c27290001ec3583ef30be292098b261987dcc30092d97632334e43d505
- SHA512
  
  334320dd64aebbf014005b96a202a2be8442193dfa87f54b0ff6aff58ee6893dde388e7575a5688f02c9ee40496f70fe175fb6808fa88d78fa5b3bb14adac3c2
Score

3^/10
behavioral27 behavioral28

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28