d314764ec9a516ae7f3288277c329e80f74ad113b16716a24293839d98ed0f21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bash-t0-infected-TEAMCITY.zip
Size

39KB
Sample

231009-pbvpyaeg44
MD5

1c015ea60fd60b75b5247c26185d8d86
SHA1

15d40f7126a7e765dbc4d3ba84e38322e30228f1
SHA256

d314764ec9a516ae7f3288277c329e80f74ad113b16716a24293839d98ed0f21
SHA512

66042877ebfd1c6be56b427449b393e5104599622bb3b2c19c0b2dfcb2e0ddaa6a22af97e9b9e7b5b8110dd4737dc718011101e99081d8a679c133344a10c4d3
SSDEEP

768:mxb9gvEMMGyuGbCSl3hbgc5l8optigXEajgd7xtOmdmKx8Hv:cbfGyPCgxbgAlWgX47xcNKxUv

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  t0
- Size
  
  80KB
- MD5
  
  09d55ee3160f3859c48176053920c0e9
- SHA1
  
  a7c0819465601021dbba4b0b884ce053cfb94b9e
- SHA256
  
  2c44909d5919e50e0e1d35f20b34c8bd64089104ef7cfe82f6257c1ebbf4d832
- SHA512
  
  629a1432a87f07dd890625e75cce2c34fb63c9e3a57782b3f560c052999fae9c537a12e96147be8103f9c119b086e3ceffd02f326856eac0e663c146344c6006
- SSDEEP
  
  1536:WW3J6b2FfV0tVl+eHwbIsEXyW6uh5wxM4e3S2RPoRL3WUTn7cdicMcZgBOa8Mkrq:uiFd0x+8TXewmxM4e2RjnDchGoaArZ8
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads CPU attributes
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1