efb0ae6de36cfc028e88342348def8694bcbfdf3f06dee47d2ab342678ec33cd | Triage

Sharing

General

Target

2cpQFAm7HV04FsKexa9uMBzKlDGABg5fBT
Size

95KB
Sample

240725-l31tgsvfre
MD5

ae605aef5a4cf0d975f3ad05dec8aa76
SHA1

365a3b3dc25942cafaffa476b754897d5513b069
SHA256

efb0ae6de36cfc028e88342348def8694bcbfdf3f06dee47d2ab342678ec33cd
SHA512

2eedf1ee3fc8a3d4f485a3d52b2a51ba8a6ed6844637a767b80bff6e011ac348ba90fa16498e1cc95405dd2e269ab9451756b0b018da26c91e0e860f0a8d18fc
SSDEEP

1536:dEG6zPYAm0kh6azhyTC9yfbh1+V+LeDdfCJCW9k358ppk+9WGFFc2mHxZ8XoL5lV:dEJKfzhyTWy11A+LeDdECW65kI2mRZ8i

Score

7^/10

linux persistence

Malware Config

Targets

- Target
  
  2cpQFAm7HV04FsKexa9uMBzKlDGABg5fBT
- Size
  
  95KB
- MD5
  
  ae605aef5a4cf0d975f3ad05dec8aa76
- SHA1
  
  365a3b3dc25942cafaffa476b754897d5513b069
- SHA256
  
  efb0ae6de36cfc028e88342348def8694bcbfdf3f06dee47d2ab342678ec33cd
- SHA512
  
  2eedf1ee3fc8a3d4f485a3d52b2a51ba8a6ed6844637a767b80bff6e011ac348ba90fa16498e1cc95405dd2e269ab9451756b0b018da26c91e0e860f0a8d18fc
- SSDEEP
  
  1536:dEG6zPYAm0kh6azhyTC9yfbh1+V+LeDdfCJCW9k358ppk+9WGFFc2mHxZ8XoL5lV:dEJKfzhyTWy11A+LeDdECW65kI2mRZ8i
Score

7^/10

persistence
- Renames itself
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1