b8037760f8f92c1edb265143b3b0bbbd49b68547417e5771f8a293b905acdcd1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PolarWinds.AstraLIMS.Core.8.0.55
Size

1.9MB
Sample

221224-p1fbjsdc3t
MD5

acd408d6f8529bf3c33cc9911191f0d0
SHA1

8bcf5a2f58b46d12dc55409c701325d34df065f4
SHA256

b8037760f8f92c1edb265143b3b0bbbd49b68547417e5771f8a293b905acdcd1
SHA512

c4e79b91f1f8773974477402b65dcee562d5e3c820ddd5a333113d23f6a8439c94b601802f4eb0760e86302b84bc6f49f2a7f91c1a3422ac4735235591459107
SSDEEP

49152:J9tfk3ZUlGonggX4eEwgITgJ9V/IupBMxXQ/8:J360GJfnpeBh

Score

5^/10

linux

Malware Config

Targets

- Target
  
  PolarWinds.AstraLIMS.Core.8.0.55
- Size
  
  1.9MB
- MD5
  
  acd408d6f8529bf3c33cc9911191f0d0
- SHA1
  
  8bcf5a2f58b46d12dc55409c701325d34df065f4
- SHA256
  
  b8037760f8f92c1edb265143b3b0bbbd49b68547417e5771f8a293b905acdcd1
- SHA512
  
  c4e79b91f1f8773974477402b65dcee562d5e3c820ddd5a333113d23f6a8439c94b601802f4eb0760e86302b84bc6f49f2a7f91c1a3422ac4735235591459107
- SSDEEP
  
  49152:J9tfk3ZUlGonggX4eEwgITgJ9V/IupBMxXQ/8:J360GJfnpeBh
Score

5^/10
- Enumerates kernel/hardware configuration
  Reads contents of /sys virtual filesystem to enumerate system information.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1