12d8c1b4f478f16a90821b029bdd19a34bcb3b18dea6f89ba3acc3e2d3ea4776 | Triage

Sharing

General

Target

04c44eddcf95dadd0e0b46738fe8bf8d_JaffaCakes118
Size

804KB
Sample

240620-ljpxwazgqe
MD5

04c44eddcf95dadd0e0b46738fe8bf8d
SHA1

69d55093eb2d5c8f3c440749e86fe3bffb4f6259
SHA256

12d8c1b4f478f16a90821b029bdd19a34bcb3b18dea6f89ba3acc3e2d3ea4776
SHA512

e8ee1b3091f0572f8ef8167c9b2196f64d3b213d00b008841989caa67ebbf3e45f829cab96aac75da3b12e5dcff948a5c5ff8c778c2c2863e84eb3cfbc19d02f
SSDEEP

12288:2SjMtwl/SwZYfyEl2GHxVLdZYUcOuBpNkeRzOo+uqnHqMp2nLBspgUdGY/BU1F:9lpZMye7HxZYUKyGSp2LBPUi

Score

7^/10

linux

Malware Config

Targets

- Target
  
  MrLinux/a
- Size
  
  364B
- MD5
  
  d10745b0ad279dfd3f8d1b55fe3bd2e5
- SHA1
  
  3da7d9836dd7ccfab5ac70ca57c4837c3c438be5
- SHA256
  
  754a29dae2fc45606609a80d619e699aa979c48d165a1a31205ec2241ff2a208
- SHA512
  
  f4dd1026ea4f8891f5bbdae2f10fe4eb780af915c2156008eac8989ada9f18315e915efe6546aaaa7f6ea6f17f1f4f6802ef277a76b31b64611757c2c9fa8d6e
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  MrLinux/go.sh
- Size
  
  91B
- MD5
  
  980c501a0d4afb93f01a4de904105a11
- SHA1
  
  a7453713f6477de5e4bc04f67ac37fe06622a288
- SHA256
  
  2e6a590fd9cc5ec2ae98f812d4fde13dc9a68ed3c03a6ec693929f74e2a1799e
- SHA512
  
  5fb908c8cd36cdac7f6fd30a3a6292f59711cc08fff8879b345b59738af64060921af29ee7dc9a3943d32bfef955de3353d449d40d4024310a1582a51fe574a4
Score

3^/10
behavioral5 behavioral6
- Target
  
  MrLinux/pscan2
- Size
  
  5KB
- MD5
  
  b3eb1ec8094fa10169dba7a8bd1a97f1
- SHA1
  
  ccb291eb13a32ae78edf50e84097fd4c0cf18a1d
- SHA256
  
  4422633b12627c70246d868d86cabd6702908b79f3826bcf9222ab20501cb394
- SHA512
  
  1d40b81a7a7cb8b39ab79be0b37a7d661b5f629e726a0218f0f242623f0cd590714436a53505e5715fb89eb4f1dd84eaf2e50a322a7bf1bd010b675ecc14acda
- SSDEEP
  
  96:fHPWXVs/UEkgsqnnx0t9Oek9LjqFxss/uh9jw+eNm6ci6jizk:fY8kgsqnKtQqbL7+ef
Score

1^/10
behavioral7
- Target
  
  MrLinux/ss
- Size
  
  447KB
- MD5
  
  5c71ef9ef225d9806620d3d9e5e15bbb
- SHA1
  
  fe454abfb0cb3a3098c9aaf943d514df0d7e7f8a
- SHA256
  
  2b322393f8c234e3dfb028285a16a945878a5142768153e6bca6c18161dae1a5
- SHA512
  
  5b52433f75958416c49a8ecf62553fd34c1212cfb1e1bcfd3c1ddcb32b9446a2e883cd63cbc611cc00212a86036202c00571f775ce166372fcdfeac3b718679d
- SSDEEP
  
  6144:HIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:odbeIrT9QmbVDNZkMZLdUq
Score

7^/10
- Traces itself
  Traces itself to prevent debugging attempts
- Write file to user bin folder
behavioral8
- Target
  
  MrLinux/sshd
- Size
  
  1.3MB
- MD5
  
  59741bf214e230707adb04f4d26b77be
- SHA1
  
  06bf12ef1307118f15dc32b6c255acbdf794b2e4
- SHA256
  
  79263211b1bfbed2e6ce5ba1a7257a563330ded02ae420be2ec163838cf38bdd
- SHA512
  
  1b5720f6b8d0fc436657030b87fec25e95d5d479ec72e7a2b58282d304604df058d7df952066dba6cfed06f2c82a6868d71e7222571794aee3a793d0642b57fe
- SSDEEP
  
  24576:tvsQC79wnh9/CzSznzf2+b8pTj90uQqUc9QnXSq4+3x:tvsQC79wT/Canzu+eTjR/Uufq4+3x
Score

1^/10
behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9