Overview

overview

10

Static

static

10

24a77a79f3...45b2f2

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    24a77a79f3d38bd861b460e4f545b2f2

  • Size

    7.0MB

  • Sample

    231219-2pebbscdbk

  • MD5

    24a77a79f3d38bd861b460e4f545b2f2

  • SHA1

    b5ac9ef4705488da27f63fa5554621cb1e24b578

  • SHA256

    9d3cd867000e9885db703600c1b3f80e31fbdca8b42195fe3a0459fc78f7b40b

  • SHA512

    77cba0896bada263953d2aa4bf8dfc6f356dac776cb407fd5f7e424cdf7d0c062b21007621a339a602a64f4edffc9196ad618f8bcb8aa0fb6926a5f05de4b67a

  • SSDEEP

    98304:HeTKhZ9Dnw8r/MlwzBVw8Vt7Bxnam/3IX:++hZVnFO2F9N/

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      24a77a79f3d38bd861b460e4f545b2f2

    • Size

      7.0MB

    • MD5

      24a77a79f3d38bd861b460e4f545b2f2

    • SHA1

      b5ac9ef4705488da27f63fa5554621cb1e24b578

    • SHA256

      9d3cd867000e9885db703600c1b3f80e31fbdca8b42195fe3a0459fc78f7b40b

    • SHA512

      77cba0896bada263953d2aa4bf8dfc6f356dac776cb407fd5f7e424cdf7d0c062b21007621a339a602a64f4edffc9196ad618f8bcb8aa0fb6926a5f05de4b67a

    • SSDEEP

      98304:HeTKhZ9Dnw8r/MlwzBVw8Vt7Bxnam/3IX:++hZVnFO2F9N/

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks