Overview

overview

10

Static

static

10

812f7436fb...caed73

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    812f7436fbcae860de341ddf36caed73

  • Size

    6.9MB

  • Sample

    231220-d38kbsacfp

  • MD5

    812f7436fbcae860de341ddf36caed73

  • SHA1

    4d3181dca7723bb2e134128192767bde12766862

  • SHA256

    4aebff8c2df4b2f276f3fd85e9abaf9c68bfe7bb42bc8f0c33c794721c70902e

  • SHA512

    0d9a5525f3a69bc89448f5ba9debec16a6b13ad8564bb2bc6743c1205fe0257d15858a061769e9d81defa466f080dac952a9ced38e4d734f4008c395199e21ad

  • SSDEEP

    98304:XbqAyMjk9vhqo3UMK24CpIsKr/eMj2WIX:LLyMw7qo9m7jf1

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      812f7436fbcae860de341ddf36caed73

    • Size

      6.9MB

    • MD5

      812f7436fbcae860de341ddf36caed73

    • SHA1

      4d3181dca7723bb2e134128192767bde12766862

    • SHA256

      4aebff8c2df4b2f276f3fd85e9abaf9c68bfe7bb42bc8f0c33c794721c70902e

    • SHA512

      0d9a5525f3a69bc89448f5ba9debec16a6b13ad8564bb2bc6743c1205fe0257d15858a061769e9d81defa466f080dac952a9ced38e4d734f4008c395199e21ad

    • SSDEEP

      98304:XbqAyMjk9vhqo3UMK24CpIsKr/eMj2WIX:LLyMw7qo9m7jf1

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks