b377147c1bfb1f4f96ef04a6a4f2220c2f2cd14c28eb7b39e4da1ef3ff4f9b9e | Triage

Resubmissions

02/11/2023, 15:01

231102-sdwxkafe89 7

02/11/2023, 14:58

231102-scexnade9x 7

Sharing

General

Target

EzExploit.zip
Size

54KB
Sample

231102-scexnade9x
MD5

f87c13bf19ed22f5520eb9f6d00b7b93
SHA1

6b7a0d15cdbea67f9c801b7c79da2fe8810ce578
SHA256

b377147c1bfb1f4f96ef04a6a4f2220c2f2cd14c28eb7b39e4da1ef3ff4f9b9e
SHA512

b1a7e16ce91dc6ab379889f0d428e20d026da5142434b560fed6fcf67e7939a240e011584b34b8e36d386acb53c6d7879f3e2415f5ddbf815e46e6433144b953
SSDEEP

1536:Uww7dbv6b3jlK+jkMFzSBr74bytyRZ6u5u:UwgdbvY3jlK+AMd8v4by5u5u

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  EzExploit/ezexploit_standard.jar
- Size
  
  7KB
- MD5
  
  109f51f21c044d3292f4a3ef3e2b5c0d
- SHA1
  
  27fa1ba921ce08e56e827cdf6b5a04f9e527f037
- SHA256
  
  249401d3529e543a99a63adbcc8e6b09f62cc70c0b5f32d788d0f739ce16905a
- SHA512
  
  db5a103711068292ad65f0d2a213c91be0c7c284cb715cf03284f249311c9da4474e78be878aea8bfdcb105360f05f190458957dd259b960fa9cf88463393a3d
- SSDEEP
  
  96:uV6HmIeId1qsjTGGlSIdypLFS46BmONDuJyZ07FNPCiBYTG+edJdWEAetV+qGzWO:c6HTUc468zJn7SieTixWiBGzWk38Ob/x
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  EzExploit/launch-standard.bat
- Size
  
  45B
- MD5
  
  94c75b944240c0176898696f27116665
- SHA1
  
  a50fe41985615ab67d65f00cb51deef76715def9
- SHA256
  
  874f32053f82fcc17168d294d239fedf256958cc9ca90176153a8eb62886b4be
- SHA512
  
  e6f6c83870c228bcd6f42af05c0e7cc29c9b79095ccbbf63719d3b700191809e1d5741958c56d0d6f5e0adc5d9cc34f00d9f2a0c71516330fbe6f2aa32a70aa4
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral3 behavioral4
- Target
  
  EzExploit/modules/cmd_alert.jar
- Size
  
  5KB
- MD5
  
  56416bffc290b5531375807e134053f4
- SHA1
  
  cc706ad8d6b9bf02154df232d1b9574b892afd2f
- SHA256
  
  785152401573f49a3b1d9a3cf50edb89b971acf0bff4f50c1ba93678b15e92cb
- SHA512
  
  e798017ac689d8cb4f9219b84d85896ac6852762efba859af5e7442b22bf0b81fcdb5e117342e7b309a4c0b7bfed8e0304669b1c70e565b69b05610852b45bb4
- SSDEEP
  
  96:n6H/zjSMnsoU6BuXvGLHvoWywguYPHbSDM9TH5Yvp:n6r+MskcXOLb0uYjSM5Yvp
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral5 behavioral6
- Target
  
  EzExploit/modules/cmd_find.jar
- Size
  
  4KB
- MD5
  
  7b5e43fbeeadb29e464b83438b364b41
- SHA1
  
  7f1ec5e5d4a1638b90bae3850c91c7172dbbd01f
- SHA256
  
  ce8061e18a7adda05365eb3fbc46dd8860725ee8d529b91c1362aabb24e6915d
- SHA512
  
  6721f7bded1786edba9792456348fd94b3cb302ff784057a779dad7682491a3a842d5f05e60d0c3c2f3506d5066afd367159700309fec2e6fa280d83f478f71b
- SSDEEP
  
  96:v6HXGuBMb/E2TWtwRx4/m/5KoE4TpZ06cB1O2uWD:v63G7bEkWtwRx//5tEYEia
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral7 behavioral8
- Target
  
  EzExploit/modules/cmd_list.jar
- Size
  
  4KB
- MD5
  
  355849a62628d973a7bbc8c2505e805a
- SHA1
  
  e7bab7fb96f13c3f007c5d89129d804b5ebe50b8
- SHA256
  
  f4e62e6285ea6812a02495f31b9c2f7d3ebe753973b8a9f9ccab2f7b3016ab1d
- SHA512
  
  e58000192f0c19157b4d3a3683ba07ffdb391a45467c94388953589bbad3fe447403edb147fc0ac1ef3b97779142cda0f578e33e6543392fb8161f942815ff06
- SSDEEP
  
  48:v6H3giVY5igTuykeTZygXXzw/RY8j8fWb9M99Cfrn0o9SEuCVETGUVWf5P7BZf2r:v6HvVU7zJT0y8S9960zqUW5P77fj6f
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10 behavioral9
- Target
  
  EzExploit/modules/cmd_send.jar
- Size
  
  5KB
- MD5
  
  bd2949539c806d6fea49c0a26dd8810c
- SHA1
  
  2eab10589b2bc9232f1dabfc2ef52c7d1be3d844
- SHA256
  
  5399b872c37b0e5dd6f6bf414b5ef783d2b002ce3d497ac050036da95bf69b7c
- SHA512
  
  05ee6c74a52bcaec4fb6e447d46600be01623002efa777f45414a89dac6c3dc0abef24bae9c5faf4049912b22da148abd2e18e5d752b160a03ddc53088a37129
- SSDEEP
  
  96:f6HSC4xFyAw5Nt8zWmQzLmBNeCt48cP6w4080vfMyvr6M0CxU:f6dsfmIhoLmBNeCtsl3VMyQp
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral11 behavioral12
- Target
  
  EzExploit/modules/cmd_server.jar
- Size
  
  7KB
- MD5
  
  7390d87c1e8f52bc6fb77842b54c1a47
- SHA1
  
  61c8387e7cbbf83679362cca0f32b5f7613b3218
- SHA256
  
  70e7c33275ab86e2a79d40dc76153b8bb5a29d9c18bfeef8605d32cf8ca1af37
- SHA512
  
  442f2f28da32128828a2eac1e7659b9d44edd1fe54637f063c28c41b186b77b7786104a57de27e19140a38120b4123863bae314f1923efe9c2a03c3c5ef17b6f
- SSDEEP
  
  96:/6HNADjagGj/S0Q31hmVXLEboTx8AoMXsKhTGett8pxJWNPInGCeeWyzV+0GzWFw:/6aXaytFMwst8TJWkWyzvGzWq2S
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral13 behavioral14
- Target
  
  EzExploit/modules/reconnect_yaml.jar
- Size
  
  6KB
- MD5
  
  d1fde0d321918adc22002d9072ef23ca
- SHA1
  
  efd66687ec71fa74dd1e6bf438615214abb5fee9
- SHA256
  
  23147bfa63e2ac2add7c57480ab579f6a3d3b6091d480e712b610b1b9b79a4e4
- SHA512
  
  ba876f61d6484db3d441bd7004d03a5d6afa97085fd46d8684d6ba6648af083a4d6300a77f8e16dff754c63158f7be8ee9de81443ae06cb1259c3aed611fca85
- SSDEEP
  
  96:f6HZWp6AqfLNhLLO2cE/BZtit/violx5gSvnG0/KAuKNzLYsyusW4s7NqfyaDW:f650uzNhs4titiolB/GXALWsJsVM8PDW
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral15 behavioral16
- Target
  
  EzExploit/plugins/RconFix.jar
- Size
  
  2KB
- MD5
  
  bb0199fad177d12ac638d2da61f9a4df
- SHA1
  
  25ee0d14cdc31a214e31c042054c82cdd9ad5176
- SHA256
  
  87e3c42b1cdba0b17983ee04ed656d94ebc2101923f4ba4f6dd96dea83705751
- SHA512
  
  26aa5c1f5e1fb172bbd65fd0c91da8e321c982027c7f26a27f2ce7454d8bb9493fc103180e094bfb87e7295217d6dd57b8fbf0ce8df9f5428e6e80c8498e672b
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18