aeee95ee29c0431fe98eb5be3d5b7b492c0a0da480bd49c6e4b99666f15ed868 | Triage

Sharing

General

Target

acfe4e93f1cdbaf23f682a9625fd7f37
Size

204KB
Sample

231222-q3jx7acacp
MD5

acfe4e93f1cdbaf23f682a9625fd7f37
SHA1

04d3e7525ec13169c992e1ea26433db00d8fe098
SHA256

aeee95ee29c0431fe98eb5be3d5b7b492c0a0da480bd49c6e4b99666f15ed868
SHA512

58d8140be7489c48741d8436e466e62032816526d25952fe3fa48551d10b78bbd7bcb30eaf2468a7533564094df833ba8a7d91f84073be0958b78e0978151c1c
SSDEEP

6144:Itj18YTIi1V9+Y77Qmdo8atbZ3Z6ZHOCU5fUnlmNbvUITk:Iv8sZV8sZ7sk5OXUnSb88k

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  sc/L
- Size
  
  408B
- MD5
  
  87e05775a0ba9e28644526d429a8f547
- SHA1
  
  a79c99810bdedcf7651b1a771939714c17b0acc8
- SHA256
  
  449381e564580872be339f52fe64b8cab3b7c36a8c2059bba8da0e14071e5a60
- SHA512
  
  d4676cab0f31e26a195d64fd9be769e8b768252bdeef4a8e2ae2d877c52ab95a67ca56ae638e9833e8128e3c7394c01c407eaf70893a191c5e718adf4f68038f
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Schedules an At job
  Schedules a job to be run using the at command.
  persistence
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  sc/exim
- Size
  
  11KB
- MD5
  
  c0347a62042023782bd571e73869ce84
- SHA1
  
  85315bbe34ee70eecc5809f722baf4f5d0f39609
- SHA256
  
  c692b9e2b8c45c7e724af8c840133c308d947b7d872a0e99e8980d644d99d31f
- SHA512
  
  34b75aa205c646dd50f8f0ee88c11afa6fcb6b66c906b832d5cd46c04f0566fd53c2c0585246ccfe99c245dcadd793a4d7bde965b3fc6b8c0f379ad7114da5f2
- SSDEEP
  
  192:fgY2alL4AXrZmatZk2BaeFtY7nKdT3Z5D1c+SUtXPHjENyN1:fgGL4eRtJBZfT3ZZ1cZ6DT
Score

1^/10
behavioral5
- Target
  
  sc/ss
- Size
  
  443KB
- MD5
  
  b51a52c9c82bb4401659b4c17c60f89f
- SHA1
  
  b45ae5d8d3069ee7f880dd461c931fa711b6ad3d
- SHA256
  
  97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762
- SHA512
  
  600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68
- SSDEEP
  
  6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq
Score

1^/10
behavioral6
- Target
  
  sc/x.pl
- Size
  
  2KB
- MD5
  
  6c781b789681b44cec956d302eae3413
- SHA1
  
  fb12598e1d8953f3300ac4e36c0eee5761010150
- SHA256
  
  9701be1c4e213b24baf7b99636097b884ea1fb71c024b0a0b26739bccec0134c
- SHA512
  
  e48483c3912c4847fd4deac90a5e42eb99033ca310ffac6fcd17a98e49af562d5a6ec9b77ea9859065eebd26f982d3d95d904153ace014853232918710c76fb0
Score

3^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8