Overview

overview

6

Static

static

1

node_expor...ICENSE

windows7-x64

1

node_expor...ICENSE

windows10-2004-x64

1

node_expor...NOTICE

windows7-x64

1

node_expor...NOTICE

windows10-2004-x64

1

node_expor...porter

ubuntu-24.04-amd64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    node_exporter-Agent-Linux.7z

  • Size

    8.6MB

  • Sample

    240628-h25jhazejk

  • MD5

    3fd1de3731378da307b32b5685774038

  • SHA1

    c9ec3bfb9804205d7ba2b5ff082c66682ad68410

  • SHA256

    9d451e048ca401bc0213e962f33e8dd986649aa61b820d295284d10f13439ac2

  • SHA512

    7dc22907e6170a95a08276543fd7d10af618ba82aa8b16881915d8a9593c1dfda3a380efb94f66a846e56c26bb74f5e554bc3f93c18a67604d829069e12a0bd3

  • SSDEEP

    196608:Q1lYnFcLTIBrklLkrVetSSHmzRaqEOvTS0gMtOYMVflQ1axSTYmah:SMFcL8Br8LkB8SqmzBffpEYelQ1lJah

Score
6/10
antivmlinux

Malware Config

Targets

    • Target

      node_exporter-Agent-Linux/LICENSE

    • Size

      11KB

    • MD5

      86d3f3a95c324c9479bd8986968f4327

    • SHA1

      7df059597099bb7dcf25d2a9aedfaf4465f72d8d

    • SHA256

      c71d239df91726fc519c6eb72d318ec65820627232b2f796219e87dcf35d0ab4

    • SHA512

      dc6b68d13b8cf959644b935f1192b02c71aa7a5cf653bd43b4480fa89eec8d4d3f16a2278ec8c3b40ab1fdb233b3173a78fd83590d6f739e0c9e8ff56c282557

    • SSDEEP

      192:fU6G5KXSD9VYUKhu1JVF9hFGvV/QiGkS594drFjuHYx5dvTrLh3kTSEn7HbHR:M9vlKM1zJlFvmNz5VrlkTS07Ht

    Score
    1/10
    behavioral1behavioral2

    • Target

      node_exporter-Agent-Linux/NOTICE

    • Size

      463B

    • MD5

      7ac98f4dba3e7ed40f7bd58f34efc4f3

    • SHA1

      0a2df4efb5c5c66d32eaafc300f9f27124cec599

    • SHA256

      486749a1a95a4c91fd0782c27cf7c9f72f21140e4c3853609cd91c3e921d1ba6

    • SHA512

      78c53f97813abba44c23ad437abf3d62b4a10b8725137c92addf4bc1d1383efc0e3b3235e32ceab7be6c70d0cde955e633192a65066357e44d8b2bf5dc0fa864

    Score
    1/10
    behavioral3behavioral4

    • Target

      node_exporter-Agent-Linux/node_exporter

    • Size

      19.1MB

    • MD5

      fba5b39f3d6967d65a5fef8d0390244f

    • SHA1

      4591560c779f1e89123bd1a7723212c808d5a3be

    • SHA256

      1a6ff4c715bd59fc3108188d602a7086e80b61b06c4cb3a92a1d2cb66e077d4e

    • SHA512

      28e5467e6e7ed71f369e77385dd9441480d820a2eea28e79efd02a04acd04db456abc0db334cd9aa5282123a463f70d86f21b77f71016553b71c75fa7bc354fb

    • SSDEEP

      196608:GJUTa8eWi3l1vbuG420livNXDXInkXdH4IG:GJUT0X3lNwbslX8kyh

    Score
    6/10
    antivm

    • Checks hardware identifiers (DMI)

      Checks DMI information which indicate if the system is a virtual machine.

      antivm

    • Reads hardware information

      Accesses system info like serial numbers, manufacturer names etc.

    behavioral5

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

1
T1497

Credential Access

Discovery

Virtualization/Sandbox Evasion

1
T1497

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks