c0653f3663ee80d8ef29bf606aca6338f566109ba1ca67a545e15e7d44b3ead6 | Triage

Sharing

General

Target

e25516b009b4170d5cbab9a9d69747e1
Size

440KB
Sample

231222-s948taebc4
MD5

e25516b009b4170d5cbab9a9d69747e1
SHA1

a7573f6228114157c564b4fd1ddffdf410766c58
SHA256

c0653f3663ee80d8ef29bf606aca6338f566109ba1ca67a545e15e7d44b3ead6
SHA512

0977201593b7c37da83ad8fd6bf4be6d5b750a1058e2aead5775c3252ddc4e0dda863114991940aa2d3fef393a357f315df6d4e4bbc0198313e254f9ecaac5d5
SSDEEP

6144:Jp/WpIDhQg37XNJnjdAPxgUi6G7fbqy3Rbi/oUHMcH73ZuokmJT/yPEcAEMe5:JpiIDhQg37dJnjeJG7TbRbi/o2b3AkB

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  .psy/config
- Size
  
  141B
- MD5
  
  f4456b3228dfab92695cc95cff7a3c99
- SHA1
  
  20d5f3b7475007dbbbba2fbf7c829f262377eb36
- SHA256
  
  bd49bbc8f4137547ba4172b151558779daa19600f74f389ed1fe315ae026211f
- SHA512
  
  4eb4ea098aa14ff25b9fd7c2f0416c1152303555ef79d8d2da5ba4c4428b62bca527fb181f5e23963f525fd0aa5de461b634950ddc0aca903692fc5dc43d6d97
Score

3^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  .psy/fuck
- Size
  
  341B
- MD5
  
  da72b7902fddd75b33d31091a34dae79
- SHA1
  
  ccfaebf5d0c4e143342a1fe6c76f1bbcdfb46c5b
- SHA256
  
  b1367438cb2b92f62d7fce17df7b912bf3e4a85b5a27cb820bcb62667f573df2
- SHA512
  
  aaa303d5216f66afa80fd62a6a95e3dd0624f3958d4527f223d6488414987f75090f41fac89d2db526c513d530f6165b3fac86b8710b426d096b14da2cd0867c
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  .psy/proc
- Size
  
  13KB
- MD5
  
  c7c873f5baad56d2889e0c819d73fae6
- SHA1
  
  c712c6af79b93d1e5afd288e9d9c95e6e760c5e1
- SHA256
  
  2ae7a5aea125f1ca5689236da02be0df7412a01f53580e9a84d386bd82eb26bd
- SHA512
  
  429c78d4bef4f8ed8243219c9751eb1d8a381c6a2276f78603ad1ddccabe0554444e22e34898b48c5d16e90a9caabfbc865f250305ef5860267c639c6fa2bfe6
- SSDEEP
  
  192:foGaAiHkfzr1MoodbFEh6OHc8aG1j4ZABcGcB57hM1:ffiH62bdbFsc8aAfByL72
Score

1^/10
behavioral9
- Target
  
  .psy/psybnc
- Size
  
  197KB
- MD5
  
  6c83053b1d50de68c20c823a7ce9c051
- SHA1
  
  528a80e47c67441e2ee4dd6a03ccf67d7951ac97
- SHA256
  
  026ae836b12fa2c7ff191dc00a91bfe3467f7705755bd4d51d4f0e3692c41265
- SHA512
  
  b71229ed073da10c9c927a016572e92a84728c6d93ed30ffa04e6b1c28c9b660de3bbdd5496c1130718091c736ff937900e2f2414221045bf12456d4498bc2d2
- SSDEEP
  
  6144:Ui6G7fbqy3Rbi/oUHMcH73ZuokmJT/yPEcAE:cG7TbRbi/o2b3Ak
Score

1^/10
behavioral10
- Target
  
  .psy/run
- Size
  
  66B
- MD5
  
  920653c9c4f7cf50bd8abe851a64a7cd
- SHA1
  
  ebe4e25e3db24f1424863aa8ea8c559b9c1455ec
- SHA256
  
  93458bc8cc963afcf3fa3c25c9304b16ec94a37ce86caf2680f9efff5700be48
- SHA512
  
  2340687372939f1d69a4e8f5ec19e4e3c636971d5a6472b39755e7d6ff70845f6e75861470f15998d2a79fade3e13542e0da141079ec3765ef6aec6f83eb45b8
Score

1^/10
behavioral11 behavioral12 behavioral13 behavioral14
- Target
  
  .psy/scripts/DEFAULT.SCRIPT
- Size
  
  16KB
- MD5
  
  db9de27dd2cf05d10025d6104d13bb6f
- SHA1
  
  d7ffeb3ede11114ad4bdecdacfa0704a4eb5103c
- SHA256
  
  78e1367a0de0cd248aa571186c2121bf794cbb3de752c5127a54ac37aa25b0da
- SHA512
  
  c7bc582a9b0bd29a4996a265962ca1c87e8a2b08e879cab284625c432e09fce36b02e6b1d3c572752be2671f08bfb847cd43bc49945fb4968d77f95d720835b0
- SSDEEP
  
  384:RpGcccccccccccccRccccccccccccc/cccccccccccccRccccccccccccc/ccccD:Re
Score

1^/10
behavioral15 behavioral16
- Target
  
  .psy/xh
- Size
  
  21KB
- MD5
  
  3c354f7aa931f9a7a8b6c3876d256001
- SHA1
  
  f9fba90de6d8378b9577f01f2173a99753134260
- SHA256
  
  b9bbcfe067949aa518a9e9902e6997b19da9c44eb394f423ce4a7e37d4dfea24
- SHA512
  
  107c62a2782ad7f042a81acaef38353063dd8e66bee294c396bdf0ff1122a3ffa52d45933907baa91a5475a8d4d3cb22f731e1d73aa27cbd40cfdb0955904337
- SSDEEP
  
  384:f7wMJlsIwxX/7BLhOvO5PbdbFsc8aAYAXkiu30xH:DN6IwxdLhOvubdb2c8aAciTV
Score

1^/10
behavioral17

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17