Overview

overview

10

Static

static

10

fa60e0718c...559dd3

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa60e0718cb40848d292bfc36b559dd3

  • Size

    7.0MB

  • Sample

    231220-v81kcacbg4

  • MD5

    fa60e0718cb40848d292bfc36b559dd3

  • SHA1

    9f2bc0fb16c07deb196a6f463ec8664926d0d3f4

  • SHA256

    f2b23838546f8a6aa59546939f3d96c049015c1924efcdcc3cec19e772568342

  • SHA512

    ba3fef499e17c396eba043b2d4e8af1b83db122e5cfacadd95bea68e0b2855dc09450b5a65744d0759400979b7dce2c3b86475bef6827fd63c12bddfd3f00075

  • SSDEEP

    98304:K4qmZmgSoh0iDxpRqVlaCMzieYCXfhxIX:1hZml0Dx3e2ipCXZx

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      fa60e0718cb40848d292bfc36b559dd3

    • Size

      7.0MB

    • MD5

      fa60e0718cb40848d292bfc36b559dd3

    • SHA1

      9f2bc0fb16c07deb196a6f463ec8664926d0d3f4

    • SHA256

      f2b23838546f8a6aa59546939f3d96c049015c1924efcdcc3cec19e772568342

    • SHA512

      ba3fef499e17c396eba043b2d4e8af1b83db122e5cfacadd95bea68e0b2855dc09450b5a65744d0759400979b7dce2c3b86475bef6827fd63c12bddfd3f00075

    • SSDEEP

      98304:K4qmZmgSoh0iDxpRqVlaCMzieYCXfhxIX:1hZml0Dx3e2ipCXZx

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks