469aa49f4f628498111af193d9220fcc41825d94525246656e40b0560d4cd267 | Triage

Sharing

General

Target

netwalker
Size

1.7MB
Sample

230202-1cqm6abb9z
MD5

c3c0c63e1003b1e8c8c6ab00be343a72
SHA1

4359121ae4583d9673f2e146e275275bcc7e20d1
SHA256

469aa49f4f628498111af193d9220fcc41825d94525246656e40b0560d4cd267
SHA512

c1205dff494f53fc0d2c1b954bc1e30f6b36757c9da907c0a7b8d6350ea6e44786f55b98655d0e43fbfcc40ac6234b5e2ecd69cf0242383af2b33bc608c67fd9
SSDEEP

49152:QmE6g6l1ZUVyTvqNFlTfAyqwzyWNOH8e3P:Q2g6XZUcTv4lTG7WNM8C

Score

6^/10

linux

Malware Config

Targets

- Target
  
  netwalker
- Size
  
  1.7MB
- MD5
  
  c3c0c63e1003b1e8c8c6ab00be343a72
- SHA1
  
  4359121ae4583d9673f2e146e275275bcc7e20d1
- SHA256
  
  469aa49f4f628498111af193d9220fcc41825d94525246656e40b0560d4cd267
- SHA512
  
  c1205dff494f53fc0d2c1b954bc1e30f6b36757c9da907c0a7b8d6350ea6e44786f55b98655d0e43fbfcc40ac6234b5e2ecd69cf0242383af2b33bc608c67fd9
- SSDEEP
  
  49152:QmE6g6l1ZUVyTvqNFlTfAyqwzyWNOH8e3P:Q2g6XZUcTv4lTG7WNM8C
Score

6^/10
- Reads CPU attributes
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1