bff5749791072a54077ee7365b596c277e9c7e8dd4e57c9b2992f9839dd6cd8d | Triage

Sharing

General

Target

c0255c5eb70f72c5fdcc3c111c1f4c21
Size

245KB
Sample

231222-rqptcahgel
MD5

c0255c5eb70f72c5fdcc3c111c1f4c21
SHA1

7810f5905c6428caf61e1427715743da5acc10d8
SHA256

bff5749791072a54077ee7365b596c277e9c7e8dd4e57c9b2992f9839dd6cd8d
SHA512

695ece8a6ce8332d304b1e2aa63fcdc38a0d52edec74d8d9ed7e43167a964341ace319a8a5867f9f2e75694abae7d927df1bf196c87caeac47cafb71ac2549da
SSDEEP

6144:cffQDQUaJe5kU4iw5on/XQwDmhU1LbwYtj8PuxrliB:YQDQUa4k7r5IbDmhU1LbwYtj8PuxrliB

Score

7^/10

Malware Config

Targets

- Target
  
  c0255c5eb70f72c5fdcc3c111c1f4c21
- Size
  
  245KB
- MD5
  
  c0255c5eb70f72c5fdcc3c111c1f4c21
- SHA1
  
  7810f5905c6428caf61e1427715743da5acc10d8
- SHA256
  
  bff5749791072a54077ee7365b596c277e9c7e8dd4e57c9b2992f9839dd6cd8d
- SHA512
  
  695ece8a6ce8332d304b1e2aa63fcdc38a0d52edec74d8d9ed7e43167a964341ace319a8a5867f9f2e75694abae7d927df1bf196c87caeac47cafb71ac2549da
- SSDEEP
  
  6144:cffQDQUaJe5kU4iw5on/XQwDmhU1LbwYtj8PuxrliB:YQDQUa4k7r5IbDmhU1LbwYtj8PuxrliB
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1