stealthworker | 129ff78e405aa6abe96453a2b480f446680f912f5512a9e0e67a15c871d3bfd5 | Triage

Submit
Reports

Overview

overview

Static

static

fabdcc80bc...4eef6c

ubuntu-18.04-amd64

6

Sharing

General

Target

fabdcc80bc425b814e83962d104eef6c
Size

7.0MB
Sample

231220-v9sacsceb2
MD5

fabdcc80bc425b814e83962d104eef6c
SHA1

e5f5b30c22051f8c37df092516c62f2aa86403b1
SHA256

129ff78e405aa6abe96453a2b480f446680f912f5512a9e0e67a15c871d3bfd5
SHA512

4609f13607b94b2f2d146019b55b827658bc4890e92e776a8c68d38a3a8a1cec2fa995594986ac2b2a8c53367a4111f0517069f0abe61cf645818f166ddfb1b4
SSDEEP

98304:n4qmZmgSoh0iDxpRqVlaCM/ieYCXfhxIX:4hZml0Dx3eeipCXZx

Score

10^/10

stealthworker antivm botnet linux persistence

Static task

static1

botnet stealthworker

2 signatures

Behavioral task

behavioral1

Sample

fabdcc80bc425b814e83962d104eef6c

Resource

ubuntu1804-amd64-20231215-en

antivm persistence

ubuntu-18.04-amd64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  fabdcc80bc425b814e83962d104eef6c
- Size
  
  7.0MB
- MD5
  
  fabdcc80bc425b814e83962d104eef6c
- SHA1
  
  e5f5b30c22051f8c37df092516c62f2aa86403b1
- SHA256
  
  129ff78e405aa6abe96453a2b480f446680f912f5512a9e0e67a15c871d3bfd5
- SHA512
  
  4609f13607b94b2f2d146019b55b827658bc4890e92e776a8c68d38a3a8a1cec2fa995594986ac2b2a8c53367a4111f0517069f0abe61cf645818f166ddfb1b4
- SSDEEP
  
  98304:n4qmZmgSoh0iDxpRqVlaCM/ieYCXfhxIX:4hZml0Dx3eeipCXZx
Score

6^/10

antivm persistence
- Checks CPU configuration
  Checks CPU information which indicate if the system is a virtual machine.
  antivm
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

botnetstealthworker

behavioral1

antivmpersistence

© 2018-2025

Terms | Privacy