General

  • Target

    80faa26a8f697e16f72239936a4ef7863742c78dc2a997abaf3265cda51a5514.zip

  • Size

    1KB

  • Sample

    240630-xaqnlasdnd

  • MD5

    8662ad85dba3fa57fb43da378ac573f3

  • SHA1

    f466023924590ec5c500b4a1e05de4fbc13aafb5

  • SHA256

    5a7a5f792a6cb4a38d7cb0a61fa5e3e3c3dabaf11159404613c3dbb5cf13ad48

  • SHA512

    63b63f01373a6dbc219e2fa211806e7c5428b5de3d707fa9296e2c856a16b1ff6c7f32c80f9836dac9e562a53067bec62b61fd5a633d3d463eb88e622599cc4f

Score
7/10

Malware Config

Targets

    • Target

      80faa26a8f697e16f72239936a4ef7863742c78dc2a997abaf3265cda51a5514.sh

    • Size

      5KB

    • MD5

      7b72cf30ac42c20f0a14b0b87425c00a

    • SHA1

      74402152ac0f0c9dfed6f76975080ce1d0d4584d

    • SHA256

      80faa26a8f697e16f72239936a4ef7863742c78dc2a997abaf3265cda51a5514

    • SHA512

      1587b6707b334800f2c4fa7d664542cda84a63c5534b4513003f786058b7d2ef6d22f0f18bdb3d6a81c6a4ea8897453592d4c9bcea0a2e2b62a47f325dbff5eb

    • SSDEEP

      96:Dy0G/8yXwI7gzNnwNnP7fbunnbunJKDnWDnbJtgTGQFE/WztGz:Dw5XwKgRaTzUbUesdtgTGQFE/G8

    Score
    7/10
    • Executes dropped EXE

    • Attempts to change immutable files

      Modifies inode attributes on the filesystem to allow changing of immutable files.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Write file to user bin folder

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Hijack Execution Flow (T1574): 1

Privilege Escalation

  • Hijack Execution Flow (T1574): 1

Defense Evasion

  • Hijack Execution Flow (T1574): 1

  • Virtualization/Sandbox Evasion (T1497): 1

Discovery

  • Virtualization/Sandbox Evasion (T1497): 1

  • System Information Discovery (T1082): 1

Tasks