Overview

overview

10

Static

static

10

ae9e7593d2...7f4fe2

debian-9-armhf

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ae9e7593d267ba798060d23a687f4fe2

  • Size

    6.9MB

  • Sample

    231220-n2h86aaef9

  • MD5

    ae9e7593d267ba798060d23a687f4fe2

  • SHA1

    2d1e207ee1876a68f6d04d0c3ff0feb2e13cb017

  • SHA256

    e6ae5f2a641243d4990ece8fa72ac0865bac5a629d959c474c54168f41c2ff3d

  • SHA512

    cfcbf51d8d8dafa1c6bfcc8fee604d134c4e93b363440ce7257bb71b098580d34e0a74008bb01a4ca7ce62a87ff031a2d0c0b457730fe516c6ae46e74788c675

  • SSDEEP

    49152:dpm/HLO7fCprVa7Am2V9CyJXHWYjbbFM9AkSJG1BWUlMX:dpCHL1pro7AiyVxjb2WmoX

Score
10/10
stealthworkerbotnetpersistence

Malware Config

Targets

    • Target

      ae9e7593d267ba798060d23a687f4fe2

    • Size

      6.9MB

    • MD5

      ae9e7593d267ba798060d23a687f4fe2

    • SHA1

      2d1e207ee1876a68f6d04d0c3ff0feb2e13cb017

    • SHA256

      e6ae5f2a641243d4990ece8fa72ac0865bac5a629d959c474c54168f41c2ff3d

    • SHA512

      cfcbf51d8d8dafa1c6bfcc8fee604d134c4e93b363440ce7257bb71b098580d34e0a74008bb01a4ca7ce62a87ff031a2d0c0b457730fe516c6ae46e74788c675

    • SSDEEP

      49152:dpm/HLO7fCprVa7Am2V9CyJXHWYjbbFM9AkSJG1BWUlMX:dpCHL1pro7AiyVxjb2WmoX

    Score
    6/10
    persistence

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks