Overview

overview

10

Static

static

10

fabdcc80bc...4eef6c

ubuntu-18.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fabdcc80bc425b814e83962d104eef6c

  • Size

    7.0MB

  • Sample

    231220-v9sacsceb2

  • MD5

    fabdcc80bc425b814e83962d104eef6c

  • SHA1

    e5f5b30c22051f8c37df092516c62f2aa86403b1

  • SHA256

    129ff78e405aa6abe96453a2b480f446680f912f5512a9e0e67a15c871d3bfd5

  • SHA512

    4609f13607b94b2f2d146019b55b827658bc4890e92e776a8c68d38a3a8a1cec2fa995594986ac2b2a8c53367a4111f0517069f0abe61cf645818f166ddfb1b4

  • SSDEEP

    98304:n4qmZmgSoh0iDxpRqVlaCM/ieYCXfhxIX:4hZml0Dx3eeipCXZx

Score
10/10
stealthworkerantivmbotnetlinuxpersistence

Malware Config

Targets

    • Target

      fabdcc80bc425b814e83962d104eef6c

    • Size

      7.0MB

    • MD5

      fabdcc80bc425b814e83962d104eef6c

    • SHA1

      e5f5b30c22051f8c37df092516c62f2aa86403b1

    • SHA256

      129ff78e405aa6abe96453a2b480f446680f912f5512a9e0e67a15c871d3bfd5

    • SHA512

      4609f13607b94b2f2d146019b55b827658bc4890e92e776a8c68d38a3a8a1cec2fa995594986ac2b2a8c53367a4111f0517069f0abe61cf645818f166ddfb1b4

    • SSDEEP

      98304:n4qmZmgSoh0iDxpRqVlaCM/ieYCXfhxIX:4hZml0Dx3eeipCXZx

    Score
    6/10
    antivmpersistence

    • Checks CPU configuration

      Checks CPU information which indicate if the system is a virtual machine.

      antivm

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      persistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

1
T1053

Persistence

Scheduled Task/Job

1
T1053

Privilege Escalation

Scheduled Task/Job

1
T1053

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks