1278f16d2cd012d8d650517c96aa2baeb2654d711b92f655a947970844b66340

Sharing

Copy URL

Twitter E-mail

General

Target

0010_999_1522127700_hidrive-backup_1.0.3.r150_x86-64.apk
Size

911KB
Sample

240521-gjj96sff91
MD5

9ba179ebfe7b906f4b27e0f7db3bd3da
SHA1

0d9feb63010f8e1366c2201133a703273c17f112
SHA256

1278f16d2cd012d8d650517c96aa2baeb2654d711b92f655a947970844b66340
SHA512

d92dd0caaa0d40c2abd0934657a24828a11b99c921125d51e3de5ea5668673146e45c0164ee7141381f85e56aeef0de3878adcaf82f2e8343a6a061082f0e8c8
SSDEEP

24576:pDZckDJQN3LgYmtqo+I71MXHBUO5IZaBu4oKu:VZcDmCI7O3BUO5kaBAn

Score

3^/10

execution linux

Malware Config

Targets

- Target
  
  UC50hidrive-backup.sh
- Size
  
  433B
- MD5
  
  2d7edc0d07095bb8fdd2b6f6883fa4e7
- SHA1
  
  49cc3ddf82a8158ef1717c0d5b7993be3985472a
- SHA256
  
  eb48eaaac8196a09ef300ce24c5e5ab624cf4a05bd6d9b04f18ee54de8daa20d
- SHA512
  
  04b415ff6116bcd9a40522c7bebd8d2a0fa6b5375700af90419618285eb4e3929aa0b4abe8bf2dd23c91aa94a6a27a0b55947106501b9f70a33264d2de31ef3a
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  post-install.sh
- Size
  
  372B
- MD5
  
  1709399b0fb574d5166c4d99b7e9f753
- SHA1
  
  54c4ff5d7cc4b76f65efdede02d12d60d88c0cf2
- SHA256
  
  e0ef843040beb480a5e0aeb4d89e961e2c5e0ccc222bbeaab2462b2dbcfe0783
- SHA512
  
  49f519d39827329210cdc291839101f2d2531bd0dce88eb8102869e4d1652ef0d6f94e41612de66a05df508a4c054bd8c550de50d64b45a61296c07ef2e5fca3
Score

1^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  pre-install.sh
- Size
  
  166B
- MD5
  
  cb646a33c277ee95ed668f6e3ad1d066
- SHA1
  
  5f2bdb82e118d09485450c38de9ce8417db777d7
- SHA256
  
  716380ec2864c514c03aa88b647ff79b847b0b0ee34b79c819fd624090aa0b4f
- SHA512
  
  ee5f081a5a835f92325d15b6a9cc837d8276abd979f6aa024e605609a867fb1688a3ec2e2bf6b9c93612c07af96b8f5b2862b824eefe1667b7b16142d487d515
Score

1^/10
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  pre-uninstall.sh
- Size
  
  61B
- MD5
  
  ddac496f292812517038aa11dbd297b2
- SHA1
  
  2c2e788ed989f1c375a74c91eddc7ad0c01bbb32
- SHA256
  
  177f41ae22ff33f1ecd111519e41908ed35c92deb3584e4059adbda1adaba602
- SHA512
  
  921c845b6ea2ebe28edf52eff6dbb70ae0795c561317bb8f4cbf3eb5de8e4933668602481a9bfce408b9d931e1072a7c34c1a0178644cbed796135c32c455383
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  start-stop.sh
- Size
  
  588B
- MD5
  
  d5c2b2a0d04813a6af03fe06977c933a
- SHA1
  
  d1bd8ee46d7896b1600d902c6e4551e5db67639b
- SHA256
  
  66549537399b405f74f55603ff8d70362bc98f2743e8fd2689335a6b4faea5e7
- SHA512
  
  df0634d87142bf989f8349e13a7bda7dd6285091f01e9406b5562907ba299888326d2c6b9b91608f41d59a0d25b7b6f463bfc9372783c69f12d64acb26cd019e
Score

1^/10
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  bin/aborter
- Size
  
  25KB
- MD5
  
  2ef1d974fde0f69d4b4055ffd8276ac8
- SHA1
  
  60a24ab9c36ca26684210e575dd8b6fc00b8df53
- SHA256
  
  37bd81a6d2eb8f10c2c9acdfa2e6636325c00b91f08b5f897b391ecd9e3a5359
- SHA512
  
  fb9826ae2d1f6cfcec9578314d466003c11b625b1cf0bf87bbc940258c015d0142a5c7bfc9070959ff99d27c437614ed830f89b191178b353fe32fb8b72c24e1
- SSDEEP
  
  384:s2JiUxVnhARvaQUhwr4RqNJM4f6Ui9jXPCvZZ5:3JxrhAYI4RwiP/WL
Score

1^/10
behavioral21
- Target
  
  bin/cron_manager
- Size
  
  24KB
- MD5
  
  0ad23f1c5b922d91bebf5f25e09e7492
- SHA1
  
  e6860beb7240304ba69e460dd18a8010c0f1d5d4
- SHA256
  
  92d6e1e81dce7aa2eec8af03f78bd92260cc176a0db725ce1b342318953b599e
- SHA512
  
  f62c214b980d637c9c564f361adcc4bdd4bf4dc87b33804c0724690c21179b944ee1aac91a448428eebd5de588ba4a25f71210e4c710a6dcfbf1d7365afb069d
- SSDEEP
  
  384:YPa16NnJOZQwGKLs54upr19ZxeXjZEj7QCvZrh:+a1AJEY5XJgmj7pV
Score

1^/10
behavioral22
- Target
  
  bin/launcher
- Size
  
  68KB
- MD5
  
  d10962d089155bc53f06c1617b7eb4cb
- SHA1
  
  b355e37d28b76e339936de545a6b1baa11266044
- SHA256
  
  337e3f5d885ace94f65dbdd9ca3ad20d568dd1e3772027e20d4930dfe66b68ee
- SHA512
  
  b91106ef148f4a504fb009843b0a50fbd0bc18308cf11a26aaaead76e084b432a2b1df61003efce6eaac87214b674621f44efa33b34bfb3631ac2896143bacc2
- SSDEEP
  
  768:ZAv0FoyormUgZq8fUtXgZzWh0N7ZoVMSpW+GXmxZ4b2kOKIdrUkrMxY2bZLrWjNc:ZAsyydhdUhON7Rg4POUhGThqpVIU
Score

1^/10
behavioral23
- Target
  
  bin/lftp
- Size
  
  1.9MB
- MD5
  
  642d599db325d2bd3968dbb1e8f51f0f
- SHA1
  
  1ac891c62853c78d2f8d725a0cace38a70892e90
- SHA256
  
  9ea861e199738832f10b377860f0f992d3f0f6e2a317afef0e1470c0185d18bd
- SHA512
  
  0fb4de4f260b8285e253ed4d3282c9aa6b700642ca32501ee09a86494b514668d9dd5f8850df9ff989eb096dc488142f3e494a2a6d508bccb2a710a0b6a46715
- SSDEEP
  
  24576:FZizqN17ZwTTkd6noCzfqQeSaTRwaFGPezvmCTMLLHPEhi9B6CDBnGytcA6:3izqz7ZwJo+eSwuaFGPQmCTMvHcB
Score

1^/10
behavioral24
- Target
  
  bin/sshpass
- Size
  
  15KB
- MD5
  
  8a685786d22eb83752e1a9586d1e757a
- SHA1
  
  9885d3c032519eb693ed10727dc368c5a7c03c0a
- SHA256
  
  378384e3ca0593c1c00ba748b8cfdb196ca491eba7e7e0e522d1693cf614dda0
- SHA512
  
  8a3552759d1764e953f39cd06ebc6ddce3b85201cf20c129ed8b3679b69d13c64f359c80ea36c8cdc325b53f18728e208ca7345e2ba9fb5f52454c47e920c9e1
- SSDEEP
  
  192:GAsVQO/ZdSBaFMwMb4eRmpgt5FMs/P8QTDEC6L+Q90rSCprfq:sVQ4ZdSUFMf4eUpgD8s6sI
Score

1^/10
behavioral25
- Target
  
  webman/hidriveBackup.js
- Size
  
  117KB
- MD5
  
  ca0f2f0d6df0c377dbb804d65e0519ac
- SHA1
  
  a67c5178d45f9961db09a379392325dc3a4a7840
- SHA256
  
  3d42fc480775471bfbac2bbe900d87e9c28a2b0a0110a4308a8467b3d8162e77
- SHA512
  
  9f0131499b142fd0b2b9c3c5c7275197f736fc2d341140933463c06a5c03b7260da7b6c6fbdf76c2dbfa86d557b9037e400bd07b8343bdad595f640bdb548f89
- SSDEEP
  
  3072:JlWcf8DYxnX/I+aM6ZuLehJ7chyCZOqqU3YyTv16KxuaZLi79G3AY4YIYSqbNrTD:JlWOlDLeH5yTt2S/
Score

3^/10

execution
behavioral26 behavioral27
- Target
  
  webman/langs/lang-cs.js
- Size
  
  1KB
- MD5
  
  feb2e9571f5da8c8c2f7eb604fa6d3e1
- SHA1
  
  521c8d7b7b9e918310d6bdc36af1e0b94445c3b8
- SHA256
  
  f05232e1781208195b57e211c9a860a7fe1d66b9e72b6b49df3d5ab845052469
- SHA512
  
  0af272ef24483a9f5aff19c34fe2b0ea067d05d90cbbdeea37a994d0c68d3129b8d791742b70b2571e5afe478b25207a9b66d5813095fbbb8f1298c0c714d289
Score

3^/10

execution
behavioral28 behavioral29
- Target
  
  webman/langs/lang-da.js
- Size
  
  1KB
- MD5
  
  d65743e2d0763fca0c8db0dae5f2d16d
- SHA1
  
  40bf37cae1a358f8496869a3a71f209c89f93dbd
- SHA256
  
  b1efb60805b2efb08ba7564bec3fb0c6cb1601e97591ff4834569f2cf21505dc
- SHA512
  
  2673c8265df144ff51e38028a535b3522336997dddaea182564561b8edd057b1875c8843f1cd0bce1b7bab9193d5dec3380e4e61902af8ec9728dbd34dda9359
Score

3^/10

execution
behavioral30 behavioral31
- Target
  
  webman/langs/lang-de-DE.js
- Size
  
  1KB
- MD5
  
  96a530ae21d18f5276997e59259d1e44
- SHA1
  
  2adcb38710bba91bf613323d05b21f094039fb40
- SHA256
  
  660b766f690e2bdd2e186c43b74de62d90e1ee030d19abc376db89e426610c0a
- SHA512
  
  bafb8c07e0bf18070463f5c3e77ac6a50b116a944716807dcc58db6d4981f3c189ce03526cf50471e654aeab58926548b09d9c359d17cb4de840645c0d1f4059
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32