Overview

overview

3

Static

static

1

gosh/3.vbs

windows7-x64

1

gosh/3.vbs

windows10-2004-x64

1

gosh/gen-pass.sh

ubuntu-18.04-amd64

1

gosh/gen-pass.sh

debian-9-armhf

1

gosh/gen-pass.sh

debian-9-mips

1

gosh/gen-pass.sh

debian-9-mipsel

1

gosh/go.sh

windows7-x64

3

gosh/go.sh

windows10-2004-x64

3

gosh/pscan2

ubuntu-18.04-amd64

gosh/secure

ubuntu-18.04-amd64

3

gosh/secure

debian-9-armhf

3

gosh/secure

debian-9-mips

3

gosh/secure

debian-9-mipsel

3

gosh/ss

ubuntu-18.04-amd64

1

gosh/ssh-scan

ubuntu-18.04-amd64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67e4df833700756823dc19aa2ad48719

  • Size

    1.5MB

  • Sample

    231222-fgjp7aefcq

  • MD5

    67e4df833700756823dc19aa2ad48719

  • SHA1

    04c41d00a0da4727a9d8f69df505dd2cac6380db

  • SHA256

    680b041714321eb33ffb01e92864b1dcd90123eb1ca4f20e0fc4ec3956114a9e

  • SHA512

    b29676690e1522b03564136970b727b1d778dd5d55fe31c1bd07bc80f5c7816f9d6548404cef5230b6666b6b26096e8cba7f50d31ba92d18f24bcd714fd95e89

  • SSDEEP

    24576:ij3IW5QMM10vqgRSL0pqo2lL3WK3L9HD4lHsjZ9dGGsYWpLLtykdQzuVBvVxH+rB:iDIGiOidL48WpvEBC3Vxer9YsaY

Score
3/10
linux

Malware Config

Targets

    • Target

      gosh/3

    • Size

      25KB

    • MD5

      734eeb2902e68add8c896141736612aa

    • SHA1

      669ef3ef451499a095ca0bd44bea9fec550341b3

    • SHA256

      353b5b16084dafe73aa1f27659db82de4f26263fe870cabe245f3c296835f1a9

    • SHA512

      f167fe989e720993dac1b09f739a45924454594889bdaf2b05f6a821065e7cb769cd8d9fafc8c33abd6b35b6ac20cc0fdec356df7dc3e2c81fbdd0ad9b7ed1aa

    • SSDEEP

      768:IB5dl0ZbquFc1onBM7rK+xvr7b1W9OvNtMn:IBL+nFhC797+OvNg

    Score
    1/10
    behavioral1behavioral2

    • Target

      gosh/gen-pass.sh

    • Size

      265B

    • MD5

      615c08bb1acdf2f21490450991766187

    • SHA1

      6fca943c9d31ef25cd9263e576021206943c03d5

    • SHA256

      e7031aaa218f814ec442f7fc5cc545980a537d777db491c425d60f0be3366074

    • SHA512

      5cc82a0ba4ce23d6598a719fff2406456a9b8708cfd25572044b180ad3bc64365da3dc2b39e07c357bcb7e9a5706db752dc770524410321e9c06fb9d19d6930b

    Score
    1/10
    behavioral3behavioral4behavioral5behavioral6

    • Target

      gosh/go.sh

    • Size

      94B

    • MD5

      92c4c68480e699aa012b26c82a787248

    • SHA1

      22fabcf0079b2b4cf158e897e5a920f8eeb7692a

    • SHA256

      d87ce8ecce44c00db9606ae2185a1ed7d9585cba50e949710daa46a32da48249

    • SHA512

      7594211854756cf1a18584bf8ef792a8cd6f884d0941dc47d755355282ba324b2d498cce7b747e36081503412462a9d76b3a4d9a95c255888fc16a63e8833a5f

    Score
    3/10
    behavioral7behavioral8

    • Target

      gosh/pscan2

    • Size

      20KB

    • MD5

      acba0143d0cbcf8092b8b44d914d7983

    • SHA1

      dd78792e0efcc8b116341538084f64a19e291432

    • SHA256

      cc3f6c535787c71bed14ec8ac3b6feb59fe3b09fc53c69f1fe592103f2632764

    • SHA512

      d3f761e04b4bb178d586e8ce6d4bdf845d9144609fa62637ddc1333fa302574cfcb071873b14140d81e5271f52b17fdac2c1fb870702bdf00e44ae2a22acade1

    • SSDEEP

      384:fuUyGp50UZlh5aLhOBbdbFsc8aApFW60Vfo:W5CtHaLhOBbdb2c8aApFkBo

    Score
    1/10
    behavioral9

    • Target

      gosh/secure

    • Size

      197B

    • MD5

      39acbfc1e983e45308cdab2d3ec4bf34

    • SHA1

      f8f712474d0c1e80126f8fc91e9ffd819f7d7f45

    • SHA256

      b7bfce3e886608199e7dd31bcd4af0d84eaa90267e45273278e8826dfa993133

    • SHA512

      e1f6782e1130deb6dd27e922e663136e0896747819c853750b237d2dd18e1951e4796c65bdc3bd4e77974afe8880a8309e495440abde920a5f9f6b40bc7512b6

    Score
    3/10
    behavioral10behavioral11behavioral12behavioral13

    • Target

      gosh/ss

    • Size

      443KB

    • MD5

      b51a52c9c82bb4401659b4c17c60f89f

    • SHA1

      b45ae5d8d3069ee7f880dd461c931fa711b6ad3d

    • SHA256

      97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762

    • SHA512

      600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68

    • SSDEEP

      6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq

    Score
    1/10
    behavioral14

    • Target

      gosh/ssh-scan

    • Size

      822KB

    • MD5

      a213ebd69fbc11d612d0374b373f65d8

    • SHA1

      4f64a5b07b0c128771ea21bf4aa15610fc6b071c

    • SHA256

      93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd

    • SHA512

      eb1f005984d50cfd40f26730e8206d9455c1f3560ba90338019911987d2c401e93e70c7565ac68c291a19e04d346fc01cc7b8eaa57942bbcad5d64ab543ad5a3

    • SSDEEP

      24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ:dzG9LvDbalG04rb6oZ4EQHQ

    Score
    1/10
    behavioral15

MITRE ATT&CK Enterprise v15

Tasks