Overview

overview

10

Static

static

10

0adc73b8cf...6860c6

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0adc73b8cf912d57e594bab3466860c6

  • Size

    7.0MB

  • Sample

    231219-2dg8vagbdp

  • MD5

    0adc73b8cf912d57e594bab3466860c6

  • SHA1

    65d1f9d28783f5ea5b23d96ce16bb661a5f9a3ce

  • SHA256

    d92587ee5e763f9d961fded9be3ba0a2fe95e311254c9d2c4135c7a1238672bf

  • SHA512

    3d4e52af9109ea2de90027e895d511685f9047cbbc6266a401e28835eb92de7766e48e9f62700de0bab365bff0286a24005d7bead63c4a8b2ea2a3c9b6b98f6d

  • SSDEEP

    98304:kuNe6mfQBtMdq+Khq+wfpL+Gd+r2R/v75LBJL7IX:pE6mYcdqhc7jJX

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      0adc73b8cf912d57e594bab3466860c6

    • Size

      7.0MB

    • MD5

      0adc73b8cf912d57e594bab3466860c6

    • SHA1

      65d1f9d28783f5ea5b23d96ce16bb661a5f9a3ce

    • SHA256

      d92587ee5e763f9d961fded9be3ba0a2fe95e311254c9d2c4135c7a1238672bf

    • SHA512

      3d4e52af9109ea2de90027e895d511685f9047cbbc6266a401e28835eb92de7766e48e9f62700de0bab365bff0286a24005d7bead63c4a8b2ea2a3c9b6b98f6d

    • SSDEEP

      98304:kuNe6mfQBtMdq+Khq+wfpL+Gd+r2R/v75LBJL7IX:pE6mYcdqhc7jJX

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks