Resubmissions

29-08-2024 15:03

240829-sfc78szcpk 6

29-08-2024 14:56

240829-sbhxxszbjk 6

General

  • Target

    1111

  • Size

    6.3MB

  • Sample

    240829-sfc78szcpk

  • MD5

    5c6baf6816136b50bf719e65d0c902b7

  • SHA1

    1c720e7802061019717740155d79763ec8431511

  • SHA256

    dbb270dfa17527ef7f6c02f5edb8896b4d689108aa327f4e9727a3241ade5cee

  • SHA512

    757e3ca35d416325d5994dd908eb01ffbd46cac476b8c19ddcf50a4de091dc8ec74127175e1267349fa3f24a7e042b302e85a3aa6169081a8b380ebb1d2ee5df

  • SSDEEP

    49152:lPopq2v2YFrb/T2vO90d7HjmAFd4A64nsfJ1KdQDdNnXiOPLr4iv80oQODav4kN4:YCinLre0WmNMwHwnEaRxqki

Malware Config

Targets

    • Checks mountinfo of local process

      Checks the mountinfo of running processes, which indicates whether it is running in a chroot jail.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Reads hardware information

      Accesses system information such as serial numbers, manufacturer names, etc.

    • Reads list of loaded kernel modules

      Reads the list of currently loaded kernel modules, possibly to detect virtual environments.

MITRE ATT&CK Enterprise v15

Tasks