Overview

overview

6

Static

static

1

.gosh/f

ubuntu-18.04-amd64

1

.gosh/prg

ubuntu-18.04-amd64

1

.gosh/ps

ubuntu-18.04-amd64

6

.gosh/ps

debian-9-armhf

6

.gosh/ps

debian-9-mips

6

.gosh/ps

debian-9-mipsel

6

.gosh/pscan2

ubuntu-18.04-amd64

1

.gosh/randus

ubuntu-18.04-amd64

1

.gosh/randus

debian-9-armhf

1

.gosh/randus

debian-9-mips

1

.gosh/randus

debian-9-mipsel

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6cbf942195c6274a067baa3235080b20

  • Size

    579KB

  • Sample

    231222-fny4fsaag2

  • MD5

    6cbf942195c6274a067baa3235080b20

  • SHA1

    e56f19ff2e4c253df8e6434c08ac8ddfdd296449

  • SHA256

    ff3bda813b7b60df1be10565cdb422224bb7bf05fc1872c9fbb233200ba25b75

  • SHA512

    860f080264f2f044c282bcb3be2338a95a739627bd235ed51929d7c3d1ba5914ca169ce54e85034f3e60b4763a439c1788b5f0636c56acec33200f06460d556d

  • SSDEEP

    12288:OfgrcDKQWoIb08iBiZ8TWDfoqCWMlmKU5IjTsy6w8uWKUDV7khGjq:6C2EZGGwqGmKUijTSjuWKmehGjq

Score
6/10
linux

Malware Config

Targets

    • Target

      .gosh/f

    • Size

      443KB

    • MD5

      b51a52c9c82bb4401659b4c17c60f89f

    • SHA1

      b45ae5d8d3069ee7f880dd461c931fa711b6ad3d

    • SHA256

      97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762

    • SHA512

      600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68

    • SSDEEP

      6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq

    Score
    1/10
    behavioral1

    • Target

      .gosh/prg

    • Size

      822KB

    • MD5

      a213ebd69fbc11d612d0374b373f65d8

    • SHA1

      4f64a5b07b0c128771ea21bf4aa15610fc6b071c

    • SHA256

      93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd

    • SHA512

      eb1f005984d50cfd40f26730e8206d9455c1f3560ba90338019911987d2c401e93e70c7565ac68c291a19e04d346fc01cc7b8eaa57942bbcad5d64ab543ad5a3

    • SSDEEP

      24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ:dzG9LvDbalG04rb6oZ4EQHQ

    Score
    1/10
    behavioral2

    • Target

      .gosh/ps

    • Size

      978B

    • MD5

      0fb40555729b18c160840970b64efbd1

    • SHA1

      fe0285a16a0af7e6e2b0517fedf33759a35f9815

    • SHA256

      8cde776130ccffaa1e3147cec59c8b44e00634613395926ecb7c98d9cc21f983

    • SHA512

      6c26ca3e36ada5884c383166b8b193bb6512456fe0c4447b7ebd2eb5829837f390500fa3a03555cb77a51cd0e721098699f4fb8fc938776c674616a0db9a4e17

    Score
    6/10

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Reads CPU attributes

    behavioral3behavioral4behavioral5behavioral6

    • Target

      .gosh/pscan2

    • Size

      12KB

    • MD5

      b75c6788838370c1475a23f365c08906

    • SHA1

      ba6a7afecf600b746744ae0d689dbbf86bdb4c00

    • SHA256

      adfc531a89337f7ba8633724b49e7f53e269a2aefb8b90bcbf6c00c5ed6a990e

    • SHA512

      b35ed131d268b5d303cbdf14f9625e7a2c4b1f2383efc4932a5e6cb7eac4cf49b8ba02eb7e82e971039cd50c005e1e3fd866354c919d3dced274baf7696711f0

    • SSDEEP

      192:GI7SPgOeM0ausw+qVtLZojMLO/y+2W07S7Ca0bMSCFaXw:7SPt0aulMMLO/y+p+2t

    Score
    1/10
    behavioral7

    • Target

      .gosh/randus

    • Size

      1KB

    • MD5

      f86f63e0e90b73502d7537c1b534e2a4

    • SHA1

      09920b4a460aedcb34b1cbe27a9e9ee87a08ffc2

    • SHA256

      8dc39dc84937e1ccb5afb644433916cd652f07d09044825d7036c61bc4720fa3

    • SHA512

      00d2e5453bf51bf20f3a51ecfa3b29324dc46cf613dbc16d1e2f42f57de757d9a1755be02d6290f98a33a8494c9f5b3b33e2a66204aa71e37b2ee93d32ba3061

    Score
    1/10
    behavioral10behavioral11behavioral8behavioral9

MITRE ATT&CK Enterprise v15

Tasks