Overview

overview

7

Static

static

1

gosh/a

ubuntu-18.04-amd64

7

gosh/a

debian-9-armhf

7

gosh/a

debian-9-mips

7

gosh/a

debian-9-mipsel

7

gosh/gen-pass.sh

ubuntu-18.04-amd64

1

gosh/gen-pass.sh

debian-9-armhf

1

gosh/gen-pass.sh

debian-9-mips

1

gosh/gen-pass.sh

debian-9-mipsel

1

gosh/hpiod

ubuntu-18.04-amd64

1

gosh/pico

ubuntu-18.04-amd64

gosh/pscan2

ubuntu-18.04-amd64

gosh/screen

ubuntu-18.04-amd64

7

gosh/screen

debian-9-armhf

7

gosh/screen

debian-9-mips

7

gosh/screen

debian-9-mipsel

7

gosh/secure

ubuntu-18.04-amd64

gosh/secure

debian-9-armhf

gosh/secure

debian-9-mips

gosh/secure

debian-9-mipsel

gosh/ss

ubuntu-18.04-amd64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    568a518b57cdad31ef47523ad3b1dbf7

  • Size

    1.5MB

  • Sample

    231222-dcsfeshdbp

  • MD5

    568a518b57cdad31ef47523ad3b1dbf7

  • SHA1

    942b641e1aa4b4a8df90227f92eb6491529892d7

  • SHA256

    2e5417762343d2d13a7da7f4fac684947ea0d3720d6d6c252e60541db1c37a27

  • SHA512

    e66174d15ecbe0c92d0028cef34f19c3efbc6517293436ef5dbcd3ecda622abdf3d141d1edf6f78b1ef199897cd3c4f6486feb60df0deafe4e2ec4b266fbda89

  • SSDEEP

    24576:L8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQclJfpBBeMWyO:wzG9LvDbalG04rb6oZ4EQHQOB8MW

Score
7/10
linux

Malware Config

Targets

    • Target

      gosh/a

    • Size

      276B

    • MD5

      ed0623474bb93d1f820b04d8582c24e6

    • SHA1

      55d2d7da87c67f98004573bca4bb000f9b3e7436

    • SHA256

      836366ac82a737ab916efe9a27ae428b157535f535ac2917fd7afc948aa54df5

    • SHA512

      c894872ec37aa1ae444ce6401f3fe9f66596674eacf1fd5bfcc69b6cbc4e74738d532be95e2952b6bdd71e243e876ad8c60f0e469af0045deb932002f6eb23ce

    Score
    7/10

    • Changes its process name

    behavioral1behavioral2behavioral3behavioral4

    • Target

      gosh/gen-pass.sh

    • Size

      265B

    • MD5

      615c08bb1acdf2f21490450991766187

    • SHA1

      6fca943c9d31ef25cd9263e576021206943c03d5

    • SHA256

      e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074

    • SHA512

      5cc82a0ba4ce23d6598a719fff2406456a9b8708cfd25572044b180ad3bc64365da3dc2b39e07c357bcb7e9a5706db752dc770524410321e9c06fb9d19d6930b

    Score
    1/10
    behavioral5behavioral6behavioral7behavioral8

    • Target

      gosh/hpiod

    • Size

      822KB

    • MD5

      a213ebd69fbc11d612d0374b373f65d8

    • SHA1

      4f64a5b07b0c128771ea21bf4aa15610fc6b071c

    • SHA256

      93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd

    • SHA512

      eb1f005984d50cfd40f26730e8206d9455c1f3560ba90338019911987d2c401e93e70c7565ac68c291a19e04d346fc01cc7b8eaa57942bbcad5d64ab543ad5a3

    • SSDEEP

      24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ:dzG9LvDbalG04rb6oZ4EQHQ

    Score
    1/10
    behavioral9

    • Target

      gosh/pico

    • Size

      164KB

    • MD5

      51c7f3ec60f1613aa5202f26d9248ed1

    • SHA1

      835ab0aba3740fcf80fe7238ef4d089d8c5a72c1

    • SHA256

      5e092470ec616d5b866aab0f1a69309b74a48567eec7a250c9a328901a21a498

    • SHA512

      424071e10216836567266cda5ab18876943817e731272ca68f1b96d00e80cef90c286aa5c46fdd5d963014282f39964f46905bda2e18309d6692383e24b5b8b6

    • SSDEEP

      3072:6vq0piaD1aJ3INN6QhldW6dV/T76+eRWPdrJlkODLm729xJtyv0t:6vtjDsYNJdW6dV/T76aPdrJlkOHm729b

    Score
    1/10
    behavioral10

    • Target

      gosh/pscan2

    • Size

      20KB

    • MD5

      acba0143d0cbcf8092b8b44d914d7983

    • SHA1

      dd78792e0efcc8b116341538084f64a19e291432

    • SHA256

      cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764

    • SHA512

      d3f761e04b4bb178d586e8ce6d4bdf845d9144609fa62637ddc1333fa302574cfcb071873b14140d81e5271f52b17fdac2c1fb870702bdf00e44ae2a22acade1

    • SSDEEP

      384:fuUyGp50UZlh5aLhOBbdbFsc8aApFW60Vfo:W5CtHaLhOBbdb2c8aApFkBo

    Score
    1/10
    behavioral11

    • Target

      gosh/screen

    • Size

      41KB

    • MD5

      092bdbd06cf268318e01adde8f5aa06c

    • SHA1

      7054b2e1495c3ca6b68a2408c7911d66649b45f9

    • SHA256

      fd23efdc443132fd2476017c749e4fd02cceb21414549899a64b1968584ce530

    • SHA512

      da7e64d4d0cc735f3b36408e6e881695de829e7613553ff5218e7d054436666571bdaffe00fa1bc43f6d958552e1eabbe41f6fee6832e1c19fc535b4533a7a82

    • SSDEEP

      384:S0FINvSo5o/DQIoq47z2YEEFXB/BfZ4zLZP1hncu/tpbOfvuy/97M8j:tCXIoq47z2YEmXB/BshvbSZP

    Score
    7/10

    • Changes its process name

    behavioral12behavioral13behavioral14behavioral15

    • Target

      gosh/secure

    • Size

      231B

    • MD5

      30dc39775293c86a83501ace99c8d316

    • SHA1

      2f6e0014645879d34c40f3ba8724ea10b878d0d0

    • SHA256

      ab90b9f37ba7825b9b72dfddd03f0d678151204945920733f018429a35fca5c9

    • SHA512

      6a295b06d37d5a0daa9c8bb61f688e7cd10621d2097c164d7a56618256c8de89ed750cdd53a32301a9e7bdd69d54289eac91cf803ce85d4a1dacf6dc473e41e2

    Score
    1/10
    behavioral16behavioral17behavioral18behavioral19

    • Target

      gosh/ss

    • Size

      443KB

    • MD5

      b51a52c9c82bb4401659b4c17c60f89f

    • SHA1

      b45ae5d8d3069ee7f880dd461c931fa711b6ad3d

    • SHA256

      97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762

    • SHA512

      600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68

    • SSDEEP

      6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq

    Score
    1/10
    behavioral20

MITRE ATT&CK Matrix

Tasks