42abf53f393f7f6b23ace02dcecf8196ef678ad8b2e7c5d784aa3cb044419662 | Triage

Sharing

General

Target

42abf53f393f7f6b23ace02dcecf8196ef678ad8b2e7c5d784aa3cb044419662
Size

122KB
Sample

240721-hkqzsaxfln
MD5

16ce797b5a509d31bb999b13d2ceb899
SHA1

350258251451d041550e7ee08bd60bc4cb68f3af
SHA256

42abf53f393f7f6b23ace02dcecf8196ef678ad8b2e7c5d784aa3cb044419662
SHA512

fba68e3122e7e0c879cab9667b70d579f6090bb3d9e53c30861f20bc949b163c4c08bda09002a7ee4bf28400d653508fd4a94a6317fb9a2c180e5f432566dead
SSDEEP

3072:qKlmVLTRAdyi8sclagWcnKFQxgPa55VOpmmyYThQ/1RnoY:qRsYaKBxgPa1OpmmyYThQ/1RnoY

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  42abf53f393f7f6b23ace02dcecf8196ef678ad8b2e7c5d784aa3cb044419662
- Size
  
  122KB
- MD5
  
  16ce797b5a509d31bb999b13d2ceb899
- SHA1
  
  350258251451d041550e7ee08bd60bc4cb68f3af
- SHA256
  
  42abf53f393f7f6b23ace02dcecf8196ef678ad8b2e7c5d784aa3cb044419662
- SHA512
  
  fba68e3122e7e0c879cab9667b70d579f6090bb3d9e53c30861f20bc949b163c4c08bda09002a7ee4bf28400d653508fd4a94a6317fb9a2c180e5f432566dead
- SSDEEP
  
  3072:qKlmVLTRAdyi8sclagWcnKFQxgPa55VOpmmyYThQ/1RnoY:qRsYaKBxgPa1OpmmyYThQ/1RnoY
Score

7^/10

persistence
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1