47ceeaabf4c2185472e99fd8544f0b211fe8d876a9edd9fe504b6e3b0eb7cfd5 | Triage

Sharing

General

Target

7607eb1dd67869d255ed26b06841370f
Size

25KB
Sample

231220-a51qqadacj
MD5

7607eb1dd67869d255ed26b06841370f
SHA1

5b5800608056a2d95105f561baee3e45790f9856
SHA256

47ceeaabf4c2185472e99fd8544f0b211fe8d876a9edd9fe504b6e3b0eb7cfd5
SHA512

e36df947d8098d4d586157710e094c1cf1f1c6fe4c97e341111e0f616144182e289cb5307f35ef9a76fc547bda64dfc8d2fab53eecbe0571034a5c6086aa7471
SSDEEP

384:hCqWwP5ZiqIYZEQvB7Abd+dRkWTCM4arXd69KYdLSBLDnNxlFx4ep7s:hr9RfPvB7AbeRkuCMTrGw3nN05

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  7607eb1dd67869d255ed26b06841370f
- Size
  
  25KB
- MD5
  
  7607eb1dd67869d255ed26b06841370f
- SHA1
  
  5b5800608056a2d95105f561baee3e45790f9856
- SHA256
  
  47ceeaabf4c2185472e99fd8544f0b211fe8d876a9edd9fe504b6e3b0eb7cfd5
- SHA512
  
  e36df947d8098d4d586157710e094c1cf1f1c6fe4c97e341111e0f616144182e289cb5307f35ef9a76fc547bda64dfc8d2fab53eecbe0571034a5c6086aa7471
- SSDEEP
  
  384:hCqWwP5ZiqIYZEQvB7Abd+dRkWTCM4arXd69KYdLSBLDnNxlFx4ep7s:hr9RfPvB7AbeRkuCMTrGw3nN05
Score

9^/10

discovery
- Contacts a large (23508) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1