d48be7caace50f53b8f826f907f60783e00631c54ed6667855dc598b011c4106 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caido-linux-v0.28.0-d48be7ca.tar.gz
Size

28.1MB
Sample

230917-zv288sfc37
MD5

4bdac5db79bc36a666c1527d3474bd7f
SHA1

bf6b476ca9b692bcd1764a1fc00e8cd61180003e
SHA256

d48be7caace50f53b8f826f907f60783e00631c54ed6667855dc598b011c4106
SHA512

ece133527192286c199e9ebe27367f5189a1b818a9594e8cc7a28d870d6327b619c508768c7f3ca631e3cfc6d91bdbc8d9a49686de0784cc897d6b995eebbcf2
SSDEEP

786432:XYDUkszBh0loSB02kndcr0DVAh6jTVFgehR9nUwi:XHr0ljBSe0DOobbhXUwi

Score

7^/10

antivm linux

Malware Config

Targets

- Target
  
  caido-linux-v0.28.0-d48be7ca.tar.gz
- Size
  
  28.1MB
- MD5
  
  4bdac5db79bc36a666c1527d3474bd7f
- SHA1
  
  bf6b476ca9b692bcd1764a1fc00e8cd61180003e
- SHA256
  
  d48be7caace50f53b8f826f907f60783e00631c54ed6667855dc598b011c4106
- SHA512
  
  ece133527192286c199e9ebe27367f5189a1b818a9594e8cc7a28d870d6327b619c508768c7f3ca631e3cfc6d91bdbc8d9a49686de0784cc897d6b995eebbcf2
- SSDEEP
  
  786432:XYDUkszBh0loSB02kndcr0DVAh6jTVFgehR9nUwi:XHr0ljBSe0DOobbhXUwi
Score

3^/10
behavioral1 behavioral2
- Target
  
  sample
- Size
  
  95.9MB
- MD5
  
  107b2837eaeb3a97edb4de3b737fafaf
- SHA1
  
  61aad2b8edef201ec811dbe7b7f907cf2107b96d
- SHA256
  
  a7343832dc6055e034302220f30b2e310c0a741f93dcd046b8ba64c36797885f
- SHA512
  
  b3c87fe0224f7acdfd91b1b0c1a5d30c3fd834ecfa12bb4e1c7affa6ab034b36a154004f63fedd3f8fbf0a9c374a2a53f4f97277c602e6046e173d8f36eb9ce8
- SSDEEP
  
  393216:oYgSodBrkkGX3g7nMXqUfnBNVvCk8d/r9X915hEdejqwZpusLcFSiWJxulNn+6Ud:ozFdBkgzMxPtvCk0/Rn5hy86UZ
Score

3^/10
behavioral3 behavioral4
- Target
  
  caido
- Size
  
  95.9MB
- MD5
  
  0f6c73e6b0176fb7375a2348c9b5ef20
- SHA1
  
  0fd582ed76284277f7a82d095b8b0d009ce3ed5b
- SHA256
  
  65954b0f35bcedb1a3388b4b9244a973f56b0f58815610cda19f8ba4ebe4416f
- SHA512
  
  011795e6e359d2d260e2c28657414f909b9e4579cf2efd987943bab9005d57bf544a8717b17b9d73fdc41aca0035fb0489a68d62d791af9d046671265923ef3c
- SSDEEP
  
  393216:5YgSodBrkkGX3g7nMXqUfnBNVvCk8d/r9X915hEdejqwZpusLcFSiWJxulNn+6Ud:5zFdBkgzMxPtvCk0/Rn5hy86UZ
Score

7^/10

antivm
- Changes its process name
- Checks CPU configuration
  Checks CPU information which indicate if the system is a virtual machine.
  antivm
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5