Overview

overview

4

Static

static

1

R-U-Dead-Yet.zip

macos-10.15-amd64

1

R-U-Dead-Y...tar.gz

macos-10.15-amd64

1

R-U-Dead-Yet.tar

macos-10.15-amd64

4

BeautifulSoup.py

macos-10.15-amd64

1

README.txt

macos-10.15-amd64

rudeadyet.conf

macos-10.15-amd64

4

socks.py

macos-10.15-amd64

4

R-U-Dead-Y...tar.gz

macos-10.15-amd64

4

R-U-Dead-Yet-v2.1.tar

macos-10.15-amd64

1

BeautifulSoup.py

macos-10.15-amd64

4

README.txt

macos-10.15-amd64

4

rudeadyet.conf

macos-10.15-amd64

1

socks.py

macos-10.15-amd64

4

R-U-Dead-Yet.tar.gz

macos-10.15-amd64

R-U-Dead-Yet.tar

macos-10.15-amd64

1

r-u-dead-y...oup.py

macos-10.15-amd64

4

r-u-dead-y...ME.txt

macos-10.15-amd64

1

r-u-dead-y...t.conf

macos-10.15-amd64

4

r-u-dead-y...tar.gz

macos-10.15-amd64

1

r-u-dead-yet-v2.2.tar

macos-10.15-amd64

rudy/BeautifulSoup.py

macos-10.15-amd64

1

rudy/README

macos-10.15-amd64

4

rudy/rudeadyet.conf

macos-10.15-amd64

4

rudy/socks.py

macos-10.15-amd64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    R-U-Dead-Yet.zip

  • Size

    108KB

  • Sample

    240708-q26qkathrc

  • MD5

    00b0096695c3b39787a615aed968b8d8

  • SHA1

    b0bbd4bb3031f9b37a7130dcf084b32e33f92e3a

  • SHA256

    bd1b95e0bdd9fce46568d740a78200ff9d16bd67cefb25633dd937b9a15be7b3

  • SHA512

    e18135a4916bd2ad262a10d58a7e6049ed52323865ebd5b60e103f2ba9d468580ed5484fa192b7abf5c8a8a48c9b47a08926e7f7ef232dadd6f2d8870ee9baea

  • SSDEEP

    3072:fidi1TCZ9po/KuqExgwtHfxitNvv7zxM3Vukdr:fBCWq4gsuv7zxM3cSr

Score
4/10
evasionmacos

Malware Config

Targets

    • Target

      R-U-Dead-Yet.zip

    • Size

      108KB

    • MD5

      00b0096695c3b39787a615aed968b8d8

    • SHA1

      b0bbd4bb3031f9b37a7130dcf084b32e33f92e3a

    • SHA256

      bd1b95e0bdd9fce46568d740a78200ff9d16bd67cefb25633dd937b9a15be7b3

    • SHA512

      e18135a4916bd2ad262a10d58a7e6049ed52323865ebd5b60e103f2ba9d468580ed5484fa192b7abf5c8a8a48c9b47a08926e7f7ef232dadd6f2d8870ee9baea

    • SSDEEP

      3072:fidi1TCZ9po/KuqExgwtHfxitNvv7zxM3Vukdr:fBCWq4gsuv7zxM3cSr

    Score
    1/10
    behavioral1

    • Target

      R-U-Dead-Yet-v2.0.tar.gz

    • Size

      28KB

    • MD5

      7284eea29d5f1a5e416b3afce3428ea2

    • SHA1

      eb65b85eaf037bc8e1414ca242b3dbb288882391

    • SHA256

      0934fc8b080a771ea4a6bedbffd23fb5e2c8826cc242d2c97c3618afc8383718

    • SHA512

      fd9469ff4a8e1fc5d3a1e8bfb984897c279088fe3604be0c713060e708132808f034a1294bc5e04a1027afaca20ea1d869f320571e6b9187158a0eed19cf87a1

    • SSDEEP

      384:aGDS8VgaFXBBNCtbBdXwEhy/UaHHueWIfT7+IlgK9fTx6n3IfeStSIecjNAsz:xX0JBdgEcMaHHucriZmxg3IfttHeAAi

    Score
    1/10
    behavioral2

    • Target

      R-U-Dead-Yet.tar

    • Size

      110KB

    • MD5

      b59eaf4108116fb33567c7fdad0acf69

    • SHA1

      187efd220b67979ea92869d4ae90eb92e99e1403

    • SHA256

      fa437ed16a4196284d8d40b0088dee51f7dd7ddb623b09bb222aa51b383de32f

    • SHA512

      9f75029d2e669bb03accf7e2681dcd97b990a44b8ac168997f7ed43edb79253dbe1cc2204e4d0f84ac16d8983fe96fb32e2a8d20da52d979960e82f2314c2004

    • SSDEEP

      3072:v1DAgi96UOv1Vexz/HHsDtWM4c6jr85UNwSB/v5X5veeej0MKJlQFsPJNOTSxeP8:mz96UOv1Vexz/HHsDtWM4c6jr85UNTdD

    Score
    4/10
    evasion
    behavioral3

    • Target

      BeautifulSoup.py

    • Size

      77KB

    • MD5

      1433407a87b3e41809a32d9e1220bd7f

    • SHA1

      4bac895b7425f8a7b041a70312dcabf666a5802f

    • SHA256

      70f06877192a463c9e1e03f1fb4d8752b0055e65b4d5ec7181a164711ff7182e

    • SHA512

      98a57d2c8444eefe4a67593873e136ec5130b9d698941d71642aa1a606badc28c23f3008adb6e477ef52bbff9d58bc7720d4dd9335a1aef01c441a2b2339c02f

    • SSDEEP

      1536:i1DVd8Rl69/i96UOv1Vexz/HOEsDtWM4c6jr85UNwSB/fyZOIU2:i1DAgi96UOv1Vexz/HHsDtWM4c6jr85b

    Score
    1/10
    behavioral4

    • Target

      README.txt

    • Size

      1KB

    • MD5

      dc0572f2c80e767c534e0aa61b82dced

    • SHA1

      16112eddc6ac31565daf6f188d1576b386d601cf

    • SHA256

      8fc25bbf1243585b9cce62e0a8b4dec636cb4d1bcc7f9a663f361d438f6b02c4

    • SHA512

      ffb2f189686f351507fa13508185588d8d89fcccc2898e773b8827aef7eb64755a0bed44126496c609f5f135a8caee5af276094907143e44ffd9f2f1508d62f5

    Score
    4/10
    evasion
    behavioral5

    • Target

      rudeadyet.conf

    • Size

      141B

    • MD5

      e734a9887801d2ea1687db2b34b9e60f

    • SHA1

      533fd8995db695e64e7b790b002440fd144ede18

    • SHA256

      0b46364735b4ccd6bfb098724635d9fec32d8ee5d065f7d0b8f4ecc51c97fb54

    • SHA512

      6b821f3ecb547846f6457fb3d5de537eeac6ea45e25b07c264e700b542d89a6389d0280ba1b03e634c5bf00b132bcd1c59f6c16a3b9fa9492bc66f6b18e9508a

    Score
    4/10
    evasion
    behavioral6

    • Target

      socks.py

    • Size

      13KB

    • MD5

      e702da50ad4c5f0fc7f5520e7bdbaa99

    • SHA1

      3a900a380e4e4cefb92c00da4d6e77b53ac9f1ae

    • SHA256

      c8a1556ae306eb4e0d1ae7f7948b220646e1e341637e974becc560609424a12b

    • SHA512

      eb98780191c4993c312f6f3b544998ab566a86af68ec426070a255f832c7ac534b0937d1e7330ebaf3998316d076417056a1f2ddae2798fb19082a550ec56a64

    • SSDEEP

      384:yrNraKf1sFI0XT0DoKJlSZFsPbM//8NOTn2TxVQPL1IZI:yTf1sFXXT0MKJlQFsPbM//8NOTSxePLp

    Score
    4/10
    evasion
    behavioral7

    • Target

      R-U-Dead-Yet-v2.1.tar.gz

    • Size

      28KB

    • MD5

      8575606ea2b1fea175d5634ccb0acf54

    • SHA1

      d2b4fed37dbe442123a37f5b026b16fd6c699b12

    • SHA256

      a9986844f6a662337e1caffbe30956fb6db09d2fb81a99ef039d19f99c946275

    • SHA512

      7556a181b88d04d3c1884b18e7f02e2ea44b07552c4c698f1e0cba7368a0a2833276d756598832054d2b95775f325ca9326000ecd7634780466d6bd40eda85b1

    • SSDEEP

      768:+xAkENS8D2L2oQ6fKzl2QayXLoWoiQid/Qorb:+itNvV6fKz0QaWUxRiV33

    Score
    4/10
    evasion
    behavioral8

    • Target

      R-U-Dead-Yet-v2.1.tar

    • Size

      110KB

    • MD5

      7f542c4bff984d958c36d9d4b282bdc1

    • SHA1

      90e1126ea085c6f8a65b74d7ec5967f14d551396

    • SHA256

      5c5cafcf12bf5cff3a4988506fd2fcc0dfb1f8a2eb239cff0753d27b38e1e03b

    • SHA512

      ff2fffef295506045bf4e0e6a2941eca3a5e4c5ce37bca1eda120059fddcaa38db497c3c5cb69f73963d8ced41aef29cf21402ab30ea163565c90e7e7a318013

    • SSDEEP

      3072:Y1DAgi96UOv1Vexz/HHsDtWM4c6jr85UNwSB/v5ErJedej0MKJlQFsPJNOTSxeP8:pz96UOv1Vexz/HHsDtWM4c6jr85UNTdH

    Score
    1/10
    behavioral9

    • Target

      BeautifulSoup.py

    • Size

      77KB

    • MD5

      1433407a87b3e41809a32d9e1220bd7f

    • SHA1

      4bac895b7425f8a7b041a70312dcabf666a5802f

    • SHA256

      70f06877192a463c9e1e03f1fb4d8752b0055e65b4d5ec7181a164711ff7182e

    • SHA512

      98a57d2c8444eefe4a67593873e136ec5130b9d698941d71642aa1a606badc28c23f3008adb6e477ef52bbff9d58bc7720d4dd9335a1aef01c441a2b2339c02f

    • SSDEEP

      1536:i1DVd8Rl69/i96UOv1Vexz/HOEsDtWM4c6jr85UNwSB/fyZOIU2:i1DAgi96UOv1Vexz/HHsDtWM4c6jr85b

    Score
    4/10
    evasion
    behavioral10

    • Target

      README.txt

    • Size

      1KB

    • MD5

      8036137d28a2f1d48952fe6d81cfe99f

    • SHA1

      b4a7a98a80f9e3837874333d6f1a9d89fa8ab24f

    • SHA256

      fa700c4b732b485a2250e72d4c1b57b4f164f3af115e186e29fa2dfdf833269b

    • SHA512

      ecf4363fa1487b7946345332628fc2b4ec9e7a51bc3b7eb183afccf86cb685b118e876af3cfa5c11dfacdce78ced3742132381521e96ef87e6088ef98f463c92

    Score
    4/10
    evasion
    behavioral11

    • Target

      rudeadyet.conf

    • Size

      141B

    • MD5

      e734a9887801d2ea1687db2b34b9e60f

    • SHA1

      533fd8995db695e64e7b790b002440fd144ede18

    • SHA256

      0b46364735b4ccd6bfb098724635d9fec32d8ee5d065f7d0b8f4ecc51c97fb54

    • SHA512

      6b821f3ecb547846f6457fb3d5de537eeac6ea45e25b07c264e700b542d89a6389d0280ba1b03e634c5bf00b132bcd1c59f6c16a3b9fa9492bc66f6b18e9508a

    Score
    1/10
    behavioral12

    • Target

      socks.py

    • Size

      13KB

    • MD5

      e702da50ad4c5f0fc7f5520e7bdbaa99

    • SHA1

      3a900a380e4e4cefb92c00da4d6e77b53ac9f1ae

    • SHA256

      c8a1556ae306eb4e0d1ae7f7948b220646e1e341637e974becc560609424a12b

    • SHA512

      eb98780191c4993c312f6f3b544998ab566a86af68ec426070a255f832c7ac534b0937d1e7330ebaf3998316d076417056a1f2ddae2798fb19082a550ec56a64

    • SSDEEP

      384:yrNraKf1sFI0XT0DoKJlSZFsPbM//8NOTn2TxVQPL1IZI:yTf1sFXXT0MKJlQFsPbM//8NOTSxePLp

    Score
    4/10
    evasion
    behavioral13

    • Target

      R-U-Dead-Yet.tar.gz

    • Size

      22KB

    • MD5

      e7b4a41e11a929d5969ce9b1b4384574

    • SHA1

      92d4f309b0e58389f5c7e95617451982234324b1

    • SHA256

      9f9da8c3e7d66dea4780fdadc6ac9a60664d42386837c1e7ed714dff93c9e186

    • SHA512

      23def17dc0e88f13e6afa9847591b767faed92c308566935411cfc34707bcaa32ed4523cb73822f8475c17a103fe59338d83d832783148a4f97abd7477f51f36

    • SSDEEP

      384:uvixjnm1j62wu0i+4fj4j8AwCe+LZJ2n5FIDg/nKtwhzIHa6qnvMN3YE92u43qLJ:uvihICi+w28MJ2nCN6ZnvMOw2n3qLUrM

    Score
    1/10
    behavioral14

    • Target

      R-U-Dead-Yet.tar

    • Size

      92KB

    • MD5

      b7dd6b0a481368ec696ff7723e398635

    • SHA1

      3b156208a2e27d6f43a234b27aa49a169d487821

    • SHA256

      64aa6094845f9db9966c575cdbf76dfab4c96e2a4e7f8874c8bdae890e6ae16a

    • SHA512

      21509626d76c64b022d1cf0b41633967fc2ef41a570866aa6fce387f7664fd8bdb1321d8faf32369305ee9695626527e978f8223152025643c1a108e2fea81ee

    • SSDEEP

      1536:E1DVd8Rl69/i96UOv1Vexz/HOEsDtWM4c6jr85UNwSB/fyZOIUn1ev:E1DAgi96UOv1Vexz/HHsDtWM4c6jr85/

    Score
    1/10
    behavioral15

    • Target

      r-u-dead-yet/BeautifulSoup.py

    • Size

      77KB

    • MD5

      1433407a87b3e41809a32d9e1220bd7f

    • SHA1

      4bac895b7425f8a7b041a70312dcabf666a5802f

    • SHA256

      70f06877192a463c9e1e03f1fb4d8752b0055e65b4d5ec7181a164711ff7182e

    • SHA512

      98a57d2c8444eefe4a67593873e136ec5130b9d698941d71642aa1a606badc28c23f3008adb6e477ef52bbff9d58bc7720d4dd9335a1aef01c441a2b2339c02f

    • SSDEEP

      1536:i1DVd8Rl69/i96UOv1Vexz/HOEsDtWM4c6jr85UNwSB/fyZOIU2:i1DAgi96UOv1Vexz/HHsDtWM4c6jr85b

    Score
    4/10
    evasion
    behavioral16

    • Target

      r-u-dead-yet/README.txt

    • Size

      984B

    • MD5

      228c01ccf71f43eae78bdab6bafe184f

    • SHA1

      2150bb1efba520d664343afbbdaa286809a1bb82

    • SHA256

      850d2e75882af40ddb8cb4c759930f77fae02c08d798e58bc5aa920c3282ad30

    • SHA512

      4004aea9da22e9dbf9005c8dc20fc4dd7b1d2438e3417be1d7366dfec4e2f9d15fdd1ffc452e812b37ef6ab89af351bf39f7a682898dbd666780593934f21ce6

    Score
    1/10
    behavioral17

    • Target

      r-u-dead-yet/rudeadyet.conf

    • Size

      112B

    • MD5

      17e05cc9640ddaf513df84fa37b2f1c1

    • SHA1

      335f3a31bac32a637662c1b17b8a3fbe61ea910a

    • SHA256

      8048f330f8594d3934870b37efa338220c2dbcb8cd35f577a17d05efc853fbc7

    • SHA512

      5a6865e6422ebc9e27138a7ea1140f087c8fac08e8c9275ab8f280abd1a2d19f194a1a52fef97ab7dc20123766fe168386f542385fc69b998ae8d0bf6c8f0650

    Score
    4/10
    evasion
    behavioral18

    • Target

      r-u-dead-yet-v2.2.tar.gz

    • Size

      28KB

    • MD5

      306389a496410e5be9ecfeed8f30decb

    • SHA1

      a4a6111b3e979e16eb9b49ad63e86bfb874adb25

    • SHA256

      e9dbd25e93a96deead6d457fea311264726fcd2e8c1c46a1ac23a3359fa8f491

    • SHA512

      5234141aedc0d3c7e28a49d2b51385fd6f72f9ae9d5d5e74986581808b5641ef53b25c6394fcb06770d9ce85c8913a36df033bd1a24e811cdcc0b068c2135648

    • SSDEEP

      768:qq3B8u1G1iJ1aPB/nxhp3opxw/88mTduhZxlZ:bBw0iAE88kduhb

    Score
    1/10
    behavioral19

    • Target

      r-u-dead-yet-v2.2.tar

    • Size

      110KB

    • MD5

      bc18f69214800d2a6f165ec4cb096a71

    • SHA1

      aa38d89c18b1bdce531f06b448de8b8b49971281

    • SHA256

      30f8685bc19be92061d4a45d9c8c3d6a3baa971ccd75c02103388905f9e1fab2

    • SHA512

      7a1c8fc3ccd808fbb87b302e1f129be6f7a48735cb7cc980d3eac0e239000890285a1ec48efae1b7b6e73560f92dde1bc9964b6f81c781d50c672a9b1ce24c4b

    • SSDEEP

      3072:kI1DAgi96UOv1Vexz/HHsDtWM4c6jr85UNwSB/v57ubF1ej0MKJlQFsPJNOTSxe0:ez96UOv1Vexz/HHsDtWM4c6jr85UNTdq

    Score
    1/10
    behavioral20

    • Target

      rudy/BeautifulSoup.py

    • Size

      77KB

    • MD5

      1433407a87b3e41809a32d9e1220bd7f

    • SHA1

      4bac895b7425f8a7b041a70312dcabf666a5802f

    • SHA256

      70f06877192a463c9e1e03f1fb4d8752b0055e65b4d5ec7181a164711ff7182e

    • SHA512

      98a57d2c8444eefe4a67593873e136ec5130b9d698941d71642aa1a606badc28c23f3008adb6e477ef52bbff9d58bc7720d4dd9335a1aef01c441a2b2339c02f

    • SSDEEP

      1536:i1DVd8Rl69/i96UOv1Vexz/HOEsDtWM4c6jr85UNwSB/fyZOIU2:i1DAgi96UOv1Vexz/HHsDtWM4c6jr85b

    Score
    1/10
    behavioral21

    • Target

      rudy/README

    • Size

      1KB

    • MD5

      f389319f0cd4f0752e09ab48898d54c4

    • SHA1

      6bd95bd1e30aeadd3b16ac2807abebead3295026

    • SHA256

      4b346ba6e7a2c802eb226bbc886845eec6434ff0f66d51230d0d536b42048f7e

    • SHA512

      c76484ca166784862d7a9e9dbed032094d85b981f8c41c52af53b1533534bd31c9b4bbc4db0de9c0254a76931c16bfc5c2ee729e0810486d666cab69f69b3c20

    Score
    4/10
    evasion
    behavioral22

    • Target

      rudy/rudeadyet.conf

    • Size

      141B

    • MD5

      e734a9887801d2ea1687db2b34b9e60f

    • SHA1

      533fd8995db695e64e7b790b002440fd144ede18

    • SHA256

      0b46364735b4ccd6bfb098724635d9fec32d8ee5d065f7d0b8f4ecc51c97fb54

    • SHA512

      6b821f3ecb547846f6457fb3d5de537eeac6ea45e25b07c264e700b542d89a6389d0280ba1b03e634c5bf00b132bcd1c59f6c16a3b9fa9492bc66f6b18e9508a

    Score
    4/10
    evasion
    behavioral23

    • Target

      rudy/socks.py

    • Size

      13KB

    • MD5

      e702da50ad4c5f0fc7f5520e7bdbaa99

    • SHA1

      3a900a380e4e4cefb92c00da4d6e77b53ac9f1ae

    • SHA256

      c8a1556ae306eb4e0d1ae7f7948b220646e1e341637e974becc560609424a12b

    • SHA512

      eb98780191c4993c312f6f3b544998ab566a86af68ec426070a255f832c7ac534b0937d1e7330ebaf3998316d076417056a1f2ddae2798fb19082a550ec56a64

    • SSDEEP

      384:yrNraKf1sFI0XT0DoKJlSZFsPbM//8NOTn2TxVQPL1IZI:yTf1sFXXT0MKJlQFsPbM//8NOTSxePLp

    Score
    1/10
    behavioral24

MITRE ATT&CK Enterprise v15

Tasks