Overview

overview

7

Static

static

1

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

7

.prg/1

ubuntu-18.04-amd64

1

.prg/1

debian-9-armhf

1

.prg/1

debian-9-mips

1

.prg/1

debian-9-mipsel

1

.prg/2

ubuntu-18.04-amd64

1

.prg/2

debian-9-armhf

1

.prg/2

debian-9-mips

1

.prg/2

debian-9-mipsel

1

.prg/3

ubuntu-18.04-amd64

1

.prg/3

debian-9-armhf

1

.prg/3

debian-9-mips

1

.prg/3

debian-9-mipsel

1

.prg/do

ubuntu-18.04-amd64

1

.prg/do

debian-9-armhf

1

.prg/do

debian-9-mips

1

.prg/do

debian-9-mipsel

1

.prg/help

ubuntu-18.04-amd64

1

.prg/kaiten

ubuntu-18.04-amd64

1

.prg/list

ubuntu-18.04-amd64

3

.prg/list

debian-9-armhf

1

.prg/list

debian-9-mips

3

.prg/list

debian-9-mipsel

3

.prg/prg

ubuntu-18.04-amd64

1

.prg/ps

ubuntu-18.04-amd64

1

.prg/pscan2

ubuntu-18.04-amd64

1

.prg/range

ubuntu-18.04-amd64

1

.prg/range

debian-9-armhf

1

.prg/range

debian-9-mips

1

.prg/range

debian-9-mipsel

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ff0188641c06f671d06300cb0de3680

  • Size

    717KB

  • Sample

    231222-ac4xnsfgh7

  • MD5

    2ff0188641c06f671d06300cb0de3680

  • SHA1

    410be4df3f33129550fea13fc5c22ee750dd4a84

  • SHA256

    c68fa73af5bdfd13955d55c2d19c77cf9fb0e1ddb2fbcec9064f78dab35d13c5

  • SHA512

    d03418335c3ea5a9799a71398ddc3b2e447ec849ce0a497b51cd0c7d57c3baa1c7443e4d19e576ef36ba42e045061cd4a5c67c0e25abb4e4e018dd06f725fad8

  • SSDEEP

    12288:Tdj4CUL7lT2TKm1ClU3+/hODwrVrBQQcbiL2tqQc9MgT+wRzdXwg0BUUoH:Z4ZL7w71ClUu/hOD4Vjetfy7hAg0B50

Score
7/10
linux

Malware Config

Targets

    • Target

      sample

    • Size

      1.9MB

    • MD5

      359ce771ba39d6a422f94e6014450c54

    • SHA1

      e2afa9aa9e69708451b2dbeaea9f8b0a91d16a1d

    • SHA256

      6bb2b834a01d1d978447b968e479cd2046ba7da2c87c246ccc1b102668e6b06b

    • SHA512

      510463fcc1b2180e5d34e7b157d56d6e4d999a895a4a5266330e66317081f8cf4c625b5edd75aa57d8f97af9268415dd5a71bc3a07a38903e38f20d4e2226279

    • SSDEEP

      24576:lmV8dJG9L4f0TYRsbalWjFm4z33bavoZ48ZZ2HQ9eMWyOqcge:hzG9LvDbalG04rb6oZ4cQHQwMW

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      .prg/1

    • Size

      189B

    • MD5

      2d5ccac709b948148acd7c7e8b812481

    • SHA1

      1fe3d4b06c1bced4289542629a3af770ef9bff9d

    • SHA256

      246fcc88606c73771e9ccfed22be1ee97636f65156b1076db2e506e16e732db3

    • SHA512

      b677ea3f7cc1f0893de5c0ace03ce21628cdf6d7ec1f84e3c5f2118bd09769b054e0c520dbf3fdbb8f85e9ff384f07ccb6d98c9fabbcbb0e6051a37615effe93

    Score
    1/10
    behavioral3behavioral4behavioral5behavioral6

    • Target

      .prg/2

    • Size

      119B

    • MD5

      72918ad72cbd27a984298570d01553b8

    • SHA1

      ef14c4e5e7ee8ddd71c0802b0176ba915dd8d3fc

    • SHA256

      42237dd0eeacbddd1e07df21cd437cdf9c1b0282ac7b565d51589e57b39bffd1

    • SHA512

      4980d4fe3910dd6139aad4862f0955b11c3ffd5925419f75353de1163955697cbf7b0ae277b769fcd6dd2993ea0a92ad48ea0e555cb2527a56ae710ed7fad12a

    Score
    1/10
    behavioral10behavioral7behavioral8behavioral9

    • Target

      .prg/3

    • Size

      171B

    • MD5

      ed60555f83e16118508269af6e724c66

    • SHA1

      9c4179239a313a98c7fad79580623930770a8616

    • SHA256

      72ee0e9e83d97e793715c1f60cad96ba04e2b54f8cda8790598c826a6e8a0245

    • SHA512

      438609ae0a654787a6f402827c01bd55265516959f11fa933c11f6ca05b5eccd28ad28091fc61ef47ace2e72c54140cc22a18e687229ef67abfed86b3140cf91

    Score
    1/10
    behavioral11behavioral12behavioral13behavioral14

    • Target

      .prg/do

    • Size

      688B

    • MD5

      1c4fcba27716a0f9779a2329d64837e2

    • SHA1

      cc787394e84cce2838fd5cb2bfee568ddac7faec

    • SHA256

      49d57a6ca869a904c229af29d21ca302ce2cd6473cbf1caeb9a24ce2c42841b7

    • SHA512

      29d5aec9cab9e8cbe0ef75f6cbf148008ff6627e97c2857a53b91f07ee9929f69ed5345a455b1647316b46d6117043c6705581b63ff11ac9435002274d6bd0d3

    Score
    1/10
    behavioral15behavioral16behavioral17behavioral18

    • Target

      .prg/help

    • Size

      7KB

    • MD5

      f4e85d30d315e86521f1bf9a49e47378

    • SHA1

      86e283624bb55c501dfa14e6ecd7170303916a33

    • SHA256

      78bd9abff7d199c75dffddd718f316efc93a47b8562f11c3d74ae65486e403be

    • SHA512

      d9ca02a51b4eb815f59e9c0814aefe908fa9139377baa9ebd9c8c9dbeb7f5e53982bb60be311d377d94dd88265961380f0bd4b28016db9de7fe6fe5d1ff252c7

    • SSDEEP

      96:GqTivQcXyE3dpaIh7oaG8xSdE6zGcv/+RGTyoPFp:GqGvLQISU/Mz

    Score
    1/10
    behavioral19

    • Target

      .prg/kaiten

    • Size

      24KB

    • MD5

      e2166215e39366bb887b838bd51294f4

    • SHA1

      9abe9a5793ae117cf1e481980f3257203e2e0192

    • SHA256

      95c5d8ecc73405d714a5ffc009d2c50a6ba601ca94df8e0833ee10bd8a774ae6

    • SHA512

      c1456144433cb5b07e3490a47722342280351845af51a3da528f6472023fca4c0737d69ac696861d594e158069dfb124559bdfbdc9878eae3c02fe66966ab293

    • SSDEEP

      384:edPxHP29lZZMLyqzOVQCDmyy/nbW4AN8t693UKgjKWhLoSRQ:QxvOVZzK/C4+Ujxtox

    Score
    1/10
    behavioral20

    • Target

      .prg/list

    • Size

      322B

    • MD5

      05122bc0c43136241321784053ba01cb

    • SHA1

      f179eeca88c3ba921a95c854d56bf0fbc5b0da7d

    • SHA256

      ee144efbf80ada30a7e5332a5a13fa83f2bcae2d20086e16a579fd1060619463

    • SHA512

      b5464f71a0782953e938435f3678415164c9e9248d38ceff1048374d3021c978e698c53b1272ce39504c24c071f8b11c086d095d24be820cb6cc24eff69c0c15

    Score
    3/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      .prg/prg

    • Size

      822KB

    • MD5

      c7d7e861826a4fa7db2b92b27c36e5e2

    • SHA1

      95a5ff1372f352434525a416570eef4379ebac19

    • SHA256

      8dfe94a1b02d1330886ad4458b32db3da4b872f9c2116657840de499fee5438a

    • SHA512

      c5bf98e94fb0b87cc47b5b32834479c5f02fe75e385153429fcff6bac84e910db80463106fecd338e38174dc7272a6040db2c70cef6a8ddcdf6821c0b5a721ef

    • SSDEEP

      24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ48ZZ2HQ:dzG9LvDbalG04rb6oZ4cQHQ

    Score
    1/10
    behavioral25

    • Target

      .prg/ps

    • Size

      443KB

    • MD5

      b51a52c9c82bb4401659b4c17c60f89f

    • SHA1

      b45ae5d8d3069ee7f880dd461c931fa711b6ad3d

    • SHA256

      97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762

    • SHA512

      600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68

    • SSDEEP

      6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq

    Score
    1/10
    behavioral26

    • Target

      .prg/pscan2

    • Size

      14KB

    • MD5

      2c8a2a49c880bde4e99b68c945fcd085

    • SHA1

      a9d34dd9057013160300ffd8869462502d9fe804

    • SHA256

      0153d92f0bbb05cae5fa3c367421f7d6ee44e41e4a86a4cfcb5632ef2709b18b

    • SHA512

      43e6490e185ec651ed5f3755676f713d19bb45ababca10ee41ea1d48d6a3e889b64b1164a182c57a430eee88e1328c5ffef44606b81461ccce68ac0bc1563408

    • SSDEEP

      192:GR0Hv9VvdZtt2iy6lQBrRvqaIt0muhwJmD0q4IO3U3BI3311PKbwq6S5Mvo2tf1U:dHv9VvdZpfFdnPKbvU3U

    Score
    1/10
    behavioral27

    • Target

      .prg/range

    • Size

      373B

    • MD5

      75d7e6acd88e0b079667f2e28646ad4e

    • SHA1

      359502b5b153dbf799e260efb32bf3e480949499

    • SHA256

      07d9a73b46a44f9d25853d029dc7c41e6f64fc61ed84067ad25545aa37911815

    • SHA512

      2f648f724573f2f8387ddfb33e132c532f87094f0f1bd932d774e7f484dfc8a3417e5d8ecfbaaab50c147c8b5936ac476f5842f006950faff2e53376c3d77d95

    Score
    1/10
    behavioral28behavioral29behavioral30behavioral31

MITRE ATT&CK Enterprise v15

Tasks