Overview

overview

10

Static

static

10

f8add7e716...a535bf

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8add7e7161460ea2b1970cf4ca535bf

  • Size

    7.0MB

  • Sample

    231220-v5a6aaahf8

  • MD5

    f8add7e7161460ea2b1970cf4ca535bf

  • SHA1

    f383f4b6cb6778f05baf9713ce6661329da3ecd5

  • SHA256

    cd3989830da99a69380901769fd78902efb3cd8ba5c9390e94bd4333b7fad186

  • SHA512

    90d73c1eb79a55e25acf9c6ddc4620dfba8b7cdc09e93f53a3218e7b85e1b53df5d1fe9c979af48b7218709848ce63fdc7f927d72f93afd805cc3f4fe79d04c7

  • SSDEEP

    98304:wuNe6mfQBtMdq+Khq+wfpL+Gd+r2R/i75LBJL7IX:dE6mYcdqhR7jJX

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      f8add7e7161460ea2b1970cf4ca535bf

    • Size

      7.0MB

    • MD5

      f8add7e7161460ea2b1970cf4ca535bf

    • SHA1

      f383f4b6cb6778f05baf9713ce6661329da3ecd5

    • SHA256

      cd3989830da99a69380901769fd78902efb3cd8ba5c9390e94bd4333b7fad186

    • SHA512

      90d73c1eb79a55e25acf9c6ddc4620dfba8b7cdc09e93f53a3218e7b85e1b53df5d1fe9c979af48b7218709848ce63fdc7f927d72f93afd805cc3f4fe79d04c7

    • SSDEEP

      98304:wuNe6mfQBtMdq+Khq+wfpL+Gd+r2R/i75LBJL7IX:dE6mYcdqhR7jJX

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks