stealthworker | c50a127a75d7c40a214b51c5d07cc25186b5aaac9374f7fc92398cc82a349ce2 | Triage

Sharing

General

Target

55a44157eb9bb9ee1a7b6ec8cfa8b00d
Size

6.9MB
Sample

231219-29fpwsffh6
MD5

55a44157eb9bb9ee1a7b6ec8cfa8b00d
SHA1

0514ef45e7b5a2ce8feb3c698b2cf986f2823d73
SHA256

c50a127a75d7c40a214b51c5d07cc25186b5aaac9374f7fc92398cc82a349ce2
SHA512

3c2c24b0b337b018ca7c58a4f648f5bbb5cda3e1d654fe19f289d57ea5596da78d9524ded66159ab800305c9648d578a6db959033bf44e41d37109e710b66642
SSDEEP

49152:WUZ2RSlXb04LALt7ulksREeTrC3UtaYraYO7pbeVBnOWtz5zRgUsH9KVVRpbHg8s:FPlL04o7TsyevCiahwMFKDb62y4IX

Score

10^/10

stealthworker botnet linux persistence

Malware Config

Targets

- Target
  
  55a44157eb9bb9ee1a7b6ec8cfa8b00d
- Size
  
  6.9MB
- MD5
  
  55a44157eb9bb9ee1a7b6ec8cfa8b00d
- SHA1
  
  0514ef45e7b5a2ce8feb3c698b2cf986f2823d73
- SHA256
  
  c50a127a75d7c40a214b51c5d07cc25186b5aaac9374f7fc92398cc82a349ce2
- SHA512
  
  3c2c24b0b337b018ca7c58a4f648f5bbb5cda3e1d654fe19f289d57ea5596da78d9524ded66159ab800305c9648d578a6db959033bf44e41d37109e710b66642
- SSDEEP
  
  49152:WUZ2RSlXb04LALt7ulksREeTrC3UtaYraYO7pbeVBnOWtz5zRgUsH9KVVRpbHg8s:FPlL04o7TsyevCiahwMFKDb62y4IX
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

botnetstealthworker

behavioral1