faf075c5e7302c3901016a83f8a6d98462b1bdfb08116ae14cfe5f115b716972 | Triage

Sharing

General

Target

b7dfec0d4cb3be4a264f92bcd2f68e50_JaffaCakes118
Size

345KB
Sample

240822-q3j8yssgmm
MD5

b7dfec0d4cb3be4a264f92bcd2f68e50
SHA1

4e25d9961dd27ea376c826285f02ecb143ec8b9c
SHA256

faf075c5e7302c3901016a83f8a6d98462b1bdfb08116ae14cfe5f115b716972
SHA512

dc688db55102fee73de9f7d1065b24601491ead9675429078daa492f1778c8d2030ee4ae3abbdff8b39d5dd9dbfcfd40450ce28f03d870b3647c512ea5e5af69
SSDEEP

6144:CU0SAtkkHOU0SAtkkJiJvtjDsYNJdW6dV/T76aPdrJlkOHm729xJtAUSgY:SSAtkxSAtke2vKYNJfFVCOB

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  tester/autorun
- Size
  
  317B
- MD5
  
  9729c037cb0a32811ba3eb15e3c8a789
- SHA1
  
  6e67d4929c0b87dd05afe1b3f5f0aed2852885c4
- SHA256
  
  5f03b45dc87f35120fd01f18150d2c3c807c9dc22d9433208d1bd14d5d581260
- SHA512
  
  ed9131f48df4f3f6503b38f064ef07c7d9a235280ecf03a0a2852f268b98e42b8b445931536bd4a4a4344fefb8a05594dae094e7e7795c9690ab5ca568b1ff8c
Score

6^/10

persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  tester/inst
- Size
  
  3KB
- MD5
  
  aeed375ba852a671c1c5f70ec2aee12f
- SHA1
  
  d70ce9e44232396fc3a51cf599f2fdd14866868e
- SHA256
  
  30c8e0140befc3f2bf19bf1c430f8a2d0eda730a7fb3f5f99b6c328ab4ca3405
- SHA512
  
  8577c6cc7e61695b2162488987bb7b2347cc3663b3a41b24666b939d16aadaf2ea1b75327480755498730850b0a66002c56e1dbaecc3d2db21a23d175ebd731a
Score

3^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  tester/pico
- Size
  
  164KB
- MD5
  
  51c7f3ec60f1613aa5202f26d9248ed1
- SHA1
  
  835ab0aba3740fcf80fe7238ef4d089d8c5a72c1
- SHA256
  
  5e092470ec616d5b866aab0f1a69309b74a48567eec7a250c9a328901a21a498
- SHA512
  
  424071e10216836567266cda5ab18876943817e731272ca68f1b96d00e80cef90c286aa5c46fdd5d963014282f39964f46905bda2e18309d6692383e24b5b8b6
- SSDEEP
  
  3072:6vq0piaD1aJ3INN6QhldW6dV/T76+eRWPdrJlkODLm729xJtyv0t:6vtjDsYNJdW6dV/T76aPdrJlkOHm729b
Score

1^/10
behavioral9
- Target
  
  tester/run
- Size
  
  29B
- MD5
  
  978cc6e3ce07787898519aa26f3b429c
- SHA1
  
  6240237deb675c81f8352a1352b2d8a0d3019493
- SHA256
  
  e0abb3175ea6d042ca49ed299adc0fb2c322ca1e876db21968fc04c90be4fe53
- SHA512
  
  9b4a691f80c953cbaff15e01ce11a858eb03a226c7834ca8adfb97c892c51edc8015863ce0ae22be6d4b50d591d923408a143e03c5d6bb9a801f6fcf4f676f9b
Score

1^/10
behavioral10 behavioral11 behavioral12 behavioral13
- Target
  
  tester/start
- Size
  
  750B
- MD5
  
  158c35ecfd4a4a490b613d87a22088fa
- SHA1
  
  506b5f9540781d1caadba4e03731a9fe72e93c9f
- SHA256
  
  28494083b2cc414dfb12b5de982a44327e15f2db7ee105a8023a7efb434c59b3
- SHA512
  
  fa3157627036595417640a6d54337d5cd90937fc037e45d0738ce54d76c4a5c8ee41bad7b0c422fbc3ff33e38beded6a2df0660d17313a1d997a9bbba1b8a798
Score

1^/10
behavioral14 behavioral15 behavioral16 behavioral17
- Target
  
  tester/xh
- Size
  
  27KB
- MD5
  
  7a02f619632c1ce159bb033feae754c3
- SHA1
  
  b634eceb875ab658bfdae7ff85c2d397b4094902
- SHA256
  
  4865d0a5159ce47e45399b29688dfa40e83878f480d29fe535b101c9a1093280
- SHA512
  
  32c44636e98f01faac6267f7a8e999e18687ac90664460d3a6039789c75d3c06ba1f5ae19cc057d5f8ab0e84de8d5e3611f31f5da05965e84c9da5e65107fbed
- SSDEEP
  
  384:jwMJlsIwxX/7BLhOvO5PbdbFsc8aAYAXkiON2x:jN6IwxdLhOvubdb2c8aAciC2
Score

1^/10
behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18