fcf1ececf113caca86107497ac83fbd9827855f628f124024f615afa02d0da31 | Triage

Sharing

General

Target

9c938ed7f2e383243792d3905c2ca9d1
Size

690KB
Sample

231222-qgvskahda7
MD5

9c938ed7f2e383243792d3905c2ca9d1
SHA1

ba5208f7df46869d4a47e8489e13a144ff041c24
SHA256

fcf1ececf113caca86107497ac83fbd9827855f628f124024f615afa02d0da31
SHA512

4390357e9e033bc2319473a4058baf11be72e0ebac83a44bae9c27ebc770bcf5f269abe1f81198693e3725aef70e0ff5cc45e461dbd0cf1cdfdd8bc0bebe2e28
SSDEEP

12288:lm+XrvUbW4UHTBwLPQ5CNMhRJmSAtkCHSAtkIFWQ:lTXrMbWhTBwLPQjhRJmSAtkCHSAtku

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  .x/autorun
- Size
  
  317B
- MD5
  
  9729c037cb0a32811ba3eb15e3c8a789
- SHA1
  
  6e67d4929c0b87dd05afe1b3f5f0aed2852885c4
- SHA256
  
  5f03b45dc87f35120fd01f18150d2c3c807c9dc22d9433208d1bd14d5d581260
- SHA512
  
  ed9131f48df4f3f6503b38f064ef07c7d9a235280ecf03a0a2852f268b98e42b8b445931536bd4a4a4344fefb8a05594dae094e7e7795c9690ab5ca568b1ff8c
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  .x/crond
- Size
  
  480KB
- MD5
  
  dc7b9585c47ab44830dc84a11e0272fe
- SHA1
  
  7d0f6ecfb4985ec8ef003ab1e8bdf0aae5ffbc75
- SHA256
  
  68aef1145b4e208cf6600d2ccda0080d8ec7a7fe97354b92a7378b81975fbb63
- SHA512
  
  8e870c960053a5b280e6f17cf6b1bbb57a0df1e97799c5416d7ddc03774baba3af5c6d14aa7a3bb51a729f6e88bd7522bb5e950d3da79c97da4869797bb8908e
- SSDEEP
  
  6144:Ymw9XywzvzMPz5obmvlJ9RS3Il4js9QneROyYJ0YnTBwLaTubM1DCmPGMhAj6JQ:Ym+XrvUbW4UHTBwLPQ5CNMhRJQ
Score

1^/10
behavioral5
- Target
  
  .x/inst
- Size
  
  37KB
- MD5
  
  64fb1ea672099ad89d052ca874e52d56
- SHA1
  
  160cd00449b7e59e5aaccf4d068caa47f222efd0
- SHA256
  
  1efae255629a8a7509e9730293f02d86a579f8a9fdbef433654dd13af732313c
- SHA512
  
  b30021056535fc23f1c631bc2772f8b9a13db7f0ab0e6fc1a44883d1bb651250321508eb3b62e48bab93a4de599f25ccbd154dbbb634ade3d6685aee74861480
- SSDEEP
  
  768:1vVKewgpMMx/XNNwsOlET+UpdzmO+lIZrGWfg16KADaQ9hPY+WH7:dTjx/rZFDoldWw6/DaQ/w+WH7
Score

3^/10
behavioral6 behavioral7 behavioral8 behavioral9
- Target
  
  .x/m.help
- Size
  
  22KB
- MD5
  
  3867e7b1168f749f94536c85bf94a2c2
- SHA1
  
  97fdf5c978400ed9de85555c63a7ba9cfe8b77a6
- SHA256
  
  0d1191e8da46fb6461c072b97c94e2b9a139ee6e483a8b615524b47932095d59
- SHA512
  
  b072ec3ccc411f75002c6428569e16d98b43386894be9a41a6c43cbbcf50c24c5a745f2175f40668ccf0be66265b830faf4d3db416a64844255fdc3e26db05b0
- SSDEEP
  
  192:Pk80z2Z8ECr40jfSHgglM7mu07/+6MhqehT1Szb01wm7FElApsm4rcGB1tRlnMCv:c8YjRqMC5YRsQf7FMrpfR9MxInqKJNok
Score

1^/10
behavioral10 behavioral11
- Target
  
  .x/run
- Size
  
  30B
- MD5
  
  25bd3845af995239c27fa27012f011a0
- SHA1
  
  b2f67fb26fc8a93f2ba74cb974eb75e44144da14
- SHA256
  
  6b3cc000a6203a1ae572018060811d6713a15a1be7069322a3ef88f6350d91fd
- SHA512
  
  1681c98ea895fcb9594df5d01f9c504eec4ca0de62b91a5290c83a63d3cbedb36c7a6918b5798aae8e199f023e7f23740dfae8e3dfa1afad9163eaa0a49a99a9
Score

1^/10
behavioral12 behavioral13 behavioral14 behavioral15
- Target
  
  .x/start
- Size
  
  1016B
- MD5
  
  37ae089a70206fb1c2ad6f36722ab0c6
- SHA1
  
  8f70d62e0e85a35ba0cf5d5ae04f02448faaa810
- SHA256
  
  eaff476605928a379c3e1893cc1e957c3361736bea586493702ae0e3bc7eff78
- SHA512
  
  db4ff9709e808b31345ab9198a26bda3c98006f5993e4c17e3adc168561e99ff4f739607c794c0da436df85c1d3130d7f53e8b6a5906e873b28f30b301d9b66e
Score

1^/10
behavioral16 behavioral17 behavioral18 behavioral19

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19