eda059f25e212b264ced6dff8ffb29c91c340f946abeb06f5c435a863b2b033c | Triage

Sharing

General

Target

sb.sh
Size

25KB
Sample

240522-nx3f8sec42
MD5

d2b3a86dddf8cca8e96523cb1c72fdf9
SHA1

bdb88030cb5d94b8c53a7c3bf34c894ef23ea285
SHA256

eda059f25e212b264ced6dff8ffb29c91c340f946abeb06f5c435a863b2b033c
SHA512

19d25ec838dfc885cb2cb08170339373a9c2b7413fd06172dc7fa87289f1f7042c7e46a91e6b2c8aca70fad5e90bf8f2466f34ae3674da5dc4b9570173d0e3aa
SSDEEP

768:KLnoHx/WjXVqewjuDgyadveimN+oRMciVv:KMHl2qeiuDF6eimN3RMJt

Score

7^/10

antivm linux

Malware Config

Targets

- Target
  
  sb.sh
- Size
  
  25KB
- MD5
  
  d2b3a86dddf8cca8e96523cb1c72fdf9
- SHA1
  
  bdb88030cb5d94b8c53a7c3bf34c894ef23ea285
- SHA256
  
  eda059f25e212b264ced6dff8ffb29c91c340f946abeb06f5c435a863b2b033c
- SHA512
  
  19d25ec838dfc885cb2cb08170339373a9c2b7413fd06172dc7fa87289f1f7042c7e46a91e6b2c8aca70fad5e90bf8f2466f34ae3674da5dc4b9570173d0e3aa
- SSDEEP
  
  768:KLnoHx/WjXVqewjuDgyadveimN+oRMciVv:KMHl2qeiuDF6eimN3RMJt
Score

7^/10

antivm
- Executes dropped EXE
- Checks hardware identifiers (DMI)
  Checks DMI information which indicate if the system is a virtual machine.
  antivm
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4