0e4c651aa1837f9dd5e0a5af273f6b55dddb3b9cdad49e9805471d91f2c1cfa0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63a10afcd8fa5948d19c64589dff47a2
Size

19.8MB
Sample

240117-z592tseffp
MD5

63a10afcd8fa5948d19c64589dff47a2
SHA1

c1e941e29587201ee03d62e4839bbe0463026034
SHA256

0e4c651aa1837f9dd5e0a5af273f6b55dddb3b9cdad49e9805471d91f2c1cfa0
SHA512

e1578f46e1c3787cf18a3c38360d0439a2cd2130c31e3e94d0b976dd87520fa07f41cef725d95ee4a252780bc77296354632b317088ae957bfac5d52982f480f
SSDEEP

393216:3DmqRaHVj5ERdXANM2AlnsCujpvBJp6Fb6jhxrVi7lKe31:3D3Ra1j5qXANMPlnU1vp4bgDrV81

Score

8^/10

discovery evasion linux

Malware Config

Targets

- Target
  
  netmap1.0/Setup.exe
- Size
  
  19.1MB
- MD5
  
  b7294dca30db45691b8579f3cfebd87a
- SHA1
  
  56405fc902ecf518b87ebd15ac891405919717ea
- SHA256
  
  fa5d0ba416aaf6c186dfc112d0c397bb48136484d5019588b3990f1b49fcfd23
- SHA512
  
  8b6c5866a832d98bb9492964b8f204e6fafb4df5d29fc40e00b8175733aa875d4a40cb6612424cdfe3d7bb5ec4632a42eba60f30aa659788455c84d9a8365630
- SSDEEP
  
  393216:d7KOXkLJ7Zda7B4BUI5JujpdZirjVbquD7bA785Ab/UcYlCG:d7fXstvaaBvgrZiXVWuDwI5A8X5
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  f62d03fcb1473110e920a9bb2c701006
- SHA1
  
  c48444ef2daa60dcdf91f1645cd4ecd8e66545f7
- SHA256
  
  17e2f205af12d5a86638dc83c95fc69199c41af2fa6daeb1e91ec330f68c5372
- SHA512
  
  701d531d405d08054d53298141d5bbd56e74df7b22bcea5f9f0e5c4407421ea0ca9617aa84e740dc1dc44e6d14e58852c1ca2087213cc2319f2da44eaed0bc05
- SSDEEP
  
  192:g6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxTxK72dwF7dBdcQOz:g6JaVh4I5rpPbTx+BdhO
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  831621130c8312a535358df93b7888a6
- SHA1
  
  2e0c08cbc8142399b1f67b5f48d6b61bdab52248
- SHA256
  
  2839209e83fe72f4ac9a91bab60e6d14ad2af3806106a5f79c253814bfb49f2e
- SHA512
  
  e12209bad8d34ff2e4101221ed35ebbe5e7e7e4b06233cade8474289e77b7c1fd7cd25a7a3db15d91e201b8054dbe300f5729d8f55fc4755ac6efb253e650ff1
- SSDEEP
  
  96:xEX1XJX7MVnIPDmdpClMdqXHFI3eg1XGtXGlriUTMaVX5j8L4:8x1IVnIadpClyqVIRXQXwriUTMaVXb
Score

3^/10
behavioral5 behavioral6
- Target
  
  cont/bin/addport.bat
- Size
  
  249B
- MD5
  
  e2cbf1445a3138ad84853d055f5686fc
- SHA1
  
  1c1c6f03d2e1130e2afc1915007f22050639e734
- SHA256
  
  c3e626f73cddebc39d1bf0aa704738e39ea2119fa9fdcd5dda8153a1f0f10bb7
- SHA512
  
  915c72ba821ad669263bc71f5fad74dd49483bf310a4c4995875bd0fd5750f03fb2b730b3b3512411c32a195505e518161d8a8750a8367086cfbfa607e56c220
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral7 behavioral8
- Target
  
  cont/bin/bootstrap.jar
- Size
  
  29KB
- MD5
  
  653f47ce2c5b8a53f6d17207cbfcf3ed
- SHA1
  
  2cf16d9a36c7b13835cf6ffff88034f1d9807b1b
- SHA256
  
  1a4adfa6a979e4e3dd79c5339391b75cc416d54da73db9d6300cd0f6b243f052
- SHA512
  
  55476bb1b07382639f0ef7ea20f9b050480dcb03ef6b9b7eff6021360d4894a5365c21e31ed4ed96f54077880a9d02ef798cb1e2a54372137b8b9221928573e0
- SSDEEP
  
  768:BBHhLH1m9oJQcepWn1yzFrBDEG3SxNKKqENay6dUffkdb:TdH1depjzFtDeKKqe6iffkdb
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10 behavioral9
- Target
  
  cont/bin/catalina.50.bat
- Size
  
  7KB
- MD5
  
  10482819525f5a3a8131a6153b7e569b
- SHA1
  
  c3b4242973abeb51c59e808eb966341297067183
- SHA256
  
  23056b56dbddd684bffbe0a3fd79423ed61bfcd0f1db014a5ce1ac9444dc9215
- SHA512
  
  53e306784bb9be2555d04589901bee9bc01df9b3bff1429cb4b40ff57038a739927f85396c3c89fff8d7ad3f783c94d18546e0d088c35f048a1151e011012387
- SSDEEP
  
  96:QbX4RhRPJkkB+R443FNnDk6X9wfRWCVxF/PwQ7FQ2AQKsv8ed0ei4:Bgd9wfRHDnFqk8Y0F4
Score

1^/10
behavioral11 behavioral12
- Target
  
  cont/bin/catalina.50.sh
- Size
  
  9KB
- MD5
  
  222140cb6b332b3b4be0a0cb9b847965
- SHA1
  
  9f85fd49c020ccca701fa8ed401046ef2ff40ac6
- SHA256
  
  a6d76ffc34fbc32a548a77dcdfa8363a2d9cc165400199cd3b9048cb714fcfd9
- SHA512
  
  64fc800fad62ae5085efcca12ab7c72464b4d502ae61a480e3bbd23669e9e6a5384f637ba0e8ad3c467a4c3bc05670eb82941d22a2297fd5cbd611d5457b31e4
- SSDEEP
  
  192:JjRz6va4snX64DXAyte44CWi89qfst7/1sJrwBrfu3/t9TeZ1h:JQ146ODz47iK+JrKrfal5eZ1h
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  cont/bin/catalina.bat
- Size
  
  8KB
- MD5
  
  bc5926b7a246955c983f0b70a6c910a3
- SHA1
  
  084ec3a4e457b62cb42d19dcf9792b9c04461af6
- SHA256
  
  d53830a646d514f7f2189d999fab5b6d0bb650ad01ad78d6f2dc3d873fb22803
- SHA512
  
  792cdba1ff82080eae6d0690ae2e5626c4381561d15e1cd22e293c2edda7e80f5101eb428f2a338eb1149fcd0e98a73442c6cd0f0c5ae1983ce811dcd24b0e7d
- SSDEEP
  
  96:QbX4RhRPJkkB+R443FNnDk6iP9wfRWCdxF/PwQ7FQ22DqsP2eB1ee4:BgQP9wfR/DnFtA2Y1l4
Score

1^/10
behavioral17 behavioral18
- Target
  
  cont/bin/catalina.sh
- Size
  
  9KB
- MD5
  
  c9bd4ce6d75f7f7d65a097f5993ba24a
- SHA1
  
  5d6cc690642b89d9469c41b18f9d6add4b1d141e
- SHA256
  
  e6e99d402015711aff6e8fba41c4fb1b737005f3520e7b0074e7e72224aff587
- SHA512
  
  f32ef600b8862d7c3a6a2fd33f61de0d68e88e3e4d3f6be4030c0b905496cdc21957007f968bddc184af7fe2564502f7f1f4dd746a19be91006c7200331b37c1
- SSDEEP
  
  192:JjJz6va4snX64DXAyte44CWi89qfst/HvsZrwXrZu3/t9TeZ1h:JA146ODz47iqUZrCrZal5eZ1h
Score

1^/10
behavioral19 behavioral20 behavioral21 behavioral22
- Target
  
  cont/bin/commons-daemon.jar
- Size
  
  9KB
- MD5
  
  639d7fb76587dee52160afdf43f3e442
- SHA1
  
  75dbdee6e46ae2b661c59437552cc98bac5633f6
- SHA256
  
  56730c6db3a1f14c894252e93f2c874d52cde2c13b290a5de9b3f5609129089f
- SHA512
  
  2fb7bda58c5cc195d0c08a668b22480949e1b1c8e9b528a212d1a1fcec2766f9e8f57d5c7a9abb72eb651c13e1e11f5069455236f4f364f8202e22ddeb5d3729
- SSDEEP
  
  192:mkqv51jgjwXwsGGKzxYTP2is9xa7xaiB0NhQfjT:mkU5ea3ik+iexa7giB0NhQH
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral23 behavioral24
- Target
  
  cont/bin/commons-launcher.jar
- Size
  
  40KB
- MD5
  
  5961a3249226a47dfad0cf0f0a8367b0
- SHA1
  
  53444655dd486616fee54633b7558f878d41cf92
- SHA256
  
  26990ed4e14630598c220f6419b048625d3b5fa8fe290f51df394e6b96a070ec
- SHA512
  
  5d01619a65c3fe9ad545220fbb25ba15523e6334910b03b7cf1688fb91e3671670a0cbb2b2f0b8a492b484dcc6622035108911e23d9c2b6425653cb6fbcacb69
- SSDEEP
  
  768:15/lTd8qALaUogbbSdKn5io39V9kwog5hi/U7gNAxML0UlSk5:31d8qeogbOQ5rNTN5haU7gN4M4UlSk5
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral25 behavioral26
- Target
  
  cont/bin/commons-logging-api.jar
- Size
  
  25KB
- MD5
  
  0b98e0895cd4e66c3eb4c511de112163
- SHA1
  
  544f72427e94a5c55b65a9b81c55c54059b4f993
- SHA256
  
  e168814e138fd3c00ba5e6dd4db0cf64896dfaa0f3a890d0d66652088fd01816
- SHA512
  
  4ad176095573cd2de1cbcb6cecf430822cfad198e10aa1eadbf4e8f4c204252aa15fb0dc3bdc3442710627745a04f5ac67223f2237abc13de9f669efc3ef4297
- SSDEEP
  
  384:e9AtQraIc0kl0XkabpXvtRNvcAvACNl+mrRlq9ffdqWmXygQrciffLg/XO:e66Bc0bzb9tRZcbCNI+YndYXnirgfO
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral27 behavioral28
- Target
  
  cont/bin/cpappend.bat
- Size
  
  511B
- MD5
  
  566f84774d5121c7125beb3fed26bef9
- SHA1
  
  185b35855a3a49393eb13fd244933dd11842b03c
- SHA256
  
  6eb919b0077e949075cbecdbde74b764562655b9cb8c92bef0291da74deed221
- SHA512
  
  d2cf88cc2755f38a72eb7f9042fdb32d2d79d92afe5ea641ff2ca93082fe5729a48d1b45f4fc5dbefc74362f655f0aa975d32cc24a2d0bbd6c06d1a3ddc388df
Score

1^/10
behavioral29 behavioral30
- Target
  
  cont/bin/digest.bat
- Size
  
  1KB
- MD5
  
  96527e68bf11d798b9fa302931e7cc89
- SHA1
  
  ca8aa5bf68d25944b611d82a515761048218e468
- SHA256
  
  455048bc800182f7182cc8c7707432b2a5347a6d119915a3a04497522048cd4f
- SHA512
  
  6a96e7acac61bca496564339ada8445da3a93438ce67796b51179fa7060f0f709b3f2144628ff7ad8cfb7b04947706ae414b6eab3b42fc62f8d6f6ee2ceb02c2
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32