1fbc5b690f0c510cbedef8b6060b11fec3b0853ea64ea25d7d4cf10567cc94cd | Triage

Sharing

General

Target

orthodox (1).zip
Size

21.4MB
Sample

240921-1c4vsavdre
MD5

922440905b7994e516eb6fb5dce10346
SHA1

bf1daf86eab7bd0e014ca543b43e4326303d262c
SHA256

1fbc5b690f0c510cbedef8b6060b11fec3b0853ea64ea25d7d4cf10567cc94cd
SHA512

67132549ce777ad81c10621abee46509efb01d63b4b41b00e1aaf46fadf6c3d27615e9ab7a1822e4f4bdb8015d8aa69dbcabae02adf2b0a778dfd7522fd95718
SSDEEP

393216:Z3JUJkBzNypA85tBfGIrHYWAdYfJC82QfzLOarU2wl7hXyRHh7L3v7hc8FsQ1UKg:Z3LB5yXrBA0Vf3XU267hiB7L3Thc3Q1m

Score

6^/10

discovery evasion linux pdf

Malware Config

Targets

- Target
  
  lib/test/ziptestdata/exe_with_z64
- Size
  
  978B
- MD5
  
  9110d1a26f495bb755076207bf420e2f
- SHA1
  
  57e320c688a27bc02c0f6fcf273759e419e2d00d
- SHA256
  
  b1a8382acacce4022b02daa25b293ddfc1dc6ce6a3ddb8b3d95b517592c5a428
- SHA512
  
  930fd3d81991545d89965b790276b241a8551e71c8053610812db484f167e9cafcf704f730e6b430f7ff5f6984fba8d1d4e2e330da630a59c92bd175d7348b50
Score

3^/10

discovery
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  lib/test/ziptestdata/exe_with_zip
- Size
  
  990B
- MD5
  
  ac5d1c58016623ab2fca033d996ce822
- SHA1
  
  4bd2e368a95e520d006ab555487a00a92b4e016f
- SHA256
  
  2f27f5c9108936a693fd496565e5c5050b5c62cfbb61d1d5da9d97c89533d637
- SHA512
  
  e2893dc06f5e68d95cbb83803da25ba13f9d7a338237e074e695f1380df9c36df5e7815d1e3fca51c8977981adad645380912e441bcbfffb697b04a9c75a7ab1
Score

3^/10

discovery
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  lib/test/ziptestdata/header.sh
- Size
  
  737B
- MD5
  
  2c7f22c22412b450eca2316b9f9428b7
- SHA1
  
  b044c515c106048981963903c6bd7b856a903e3a
- SHA256
  
  72e55879badf789796c247750ae2f4ae756c37b215d8b892d7ffb696a7c95491
- SHA512
  
  0854a52765a7b1132f8a3d4a6bfd0f15190c82fc4397dbd07e809969347514661eca062bdbf5ea381c1cc3762bd54b1de09eef94312226f186c218132a8c2f4b
Score

3^/10

discovery
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  lib/tk8.6/bgerror.tcl
- Size
  
  8KB
- MD5
  
  c5e9a2e32ae83a79df422d1145b692df
- SHA1
  
  08350f930fb97a95970122920c91fb9ced8329e9
- SHA256
  
  8822365ee279bebf7a36cfdedba1114762f894781f4635170cc5d85ff5b17923
- SHA512
  
  71420e15a3d63329560074f6ffad42cb464401284bc29d0dc8e34d83f8f77079f26bb4c5703e656a48e6931c3dbf6b873756fb212d0860483e0301b29ede1212
- SSDEEP
  
  192:RpwYLapGk1BlM4UBIHpJFVUXUziMJ5Kxyk55qxUr7Vdk5vNR:RuYfvMdOXyj+01f
Score

1^/10
behavioral13 behavioral14
- Target
  
  lib/tk8.6/choosedir.tcl
- Size
  
  9KB
- MD5
  
  818e4f0112931f12b4fac4cad262814c
- SHA1
  
  ac7060df952f9db52c3687b8f5e6aa4adf06992e
- SHA256
  
  35b208e8570b0d1e0ca1c911d4fe02ee3b0cfe5667cf1bdec006cf9d043122ba
- SHA512
  
  0c535b6621bc83412b7a64cb6ac2ba526b8e49bb5f6bc5ebeda41d223d68deb031db9c8a31f8671bc5f327d720942e7fdae3328334b0b550ac991191f96909d6
- SSDEEP
  
  192:HKOdkMpU9YUp8UIhMYYicln9Die0luVZat3pIp5Y3sF1P8Bg8p6trIOzvKsOiCLU:HyMm9J8wPx70luex4C8Fygq6tohef+0J
Score

1^/10
behavioral15 behavioral16
- Target
  
  lib/tk8.6/clrpick.tcl
- Size
  
  21KB
- MD5
  
  89c6cabeb68b1a5318d88dd8444c3de3
- SHA1
  
  c19c58eec7fb5105a609c0896edcc336c00e7f9e
- SHA256
  
  e7aa73828a731dcc9541308aa53ff3cf550a0952fd42c4d86d831f87fb47cdcf
- SHA512
  
  a49a96a2bfc0d1a8e4003526e7836b9968daf2b4da727b23b7e180b5472dd187ab409d2fdf233f2557bd0dc2b4fe57aa2dd57bc2bdce90dd2b603f4bb74cf22d
- SSDEEP
  
  384:lJGidpe3JQDUd6hgp6EQstzQf+a9DPbJ43/H//cO802UeeVnZmM6BA0kyVJv9Qpu:Gep6JCwQDPbWPaRCzTdMAe
Score

1^/10
behavioral17 behavioral18
- Target
  
  lib/tk8.6/comdlg.tcl
- Size
  
  8KB
- MD5
  
  abf277e4f62423f4345b6ad65640b8c2
- SHA1
  
  e66a4e37d51c7827c9aca449a42e0966aacbc8c8
- SHA256
  
  c7da292ccf5f413e599c3491c331ffd58cf273f8477facb097e6f36cf1f32a08
- SHA512
  
  aa9f75d7c5c915b5fcd2f454856d080d186ab9ba149dc139feaf7f4ac3dc51e6769e138e3b1be45b3fec3ae744189de44db2b748f0628ff13e4e733b9cd68bd5
- SSDEEP
  
  192:u4R7+/gFw/MEN55fO7eyjt4bjC+gR8e3vwLln/+LVtUw0tXK4jA:u4l+/gFeMI55Xyjt4bjC+gOe3Ih/+LV1
Score

1^/10
behavioral19 behavioral20
- Target
  
  lib/tk8.6/demos/floor.tcl
- Size
  
  79KB
- MD5
  
  f4701f07cb6aa59a274af94538eea214
- SHA1
  
  ca139e2de96cb4b75c8b90271c5673c6097130dd
- SHA256
  
  fc7e5d5fc0e84cfe7b9b1875b401bd471ea0a9773f1e8d06a92e67cb1edde61f
- SHA512
  
  a8000bf5c475db833a8db03ddfdfa8b581921e3969fa03b8743fc0f7e6922ad9e881876d5f65e64e1c8ad1652fb10268bc4a088f5f11617b268ed294d92abbca
- SSDEEP
  
  768:4CMYvHXoB+FF+kQ781nOUz+9g55QSEusCfkls5xZrT+pZoRiE:0YPoB+rT1nOUzmg55QSE9lsNv+pZoRiE
Score

1^/10
behavioral21 behavioral22
- Target
  
  lib/tk8.6/demos/goldberg.tcl
- Size
  
  57KB
- MD5
  
  0e8a6367843e7ea6aeb6b1fecbfb387e
- SHA1
  
  07843cebc21e6f0af74173e9aa0b995c0ab2b80e
- SHA256
  
  0b1bb7e4a679199610dc99863c0a4aef59cb8cf2b3d3a5cd97cf567ec9cc1026
- SHA512
  
  f913f5abc841aa638708465c1424344fcd3a354a4d21e638512bc4e14d89222dc313e6eb1d3365541a46f31545aa7b1a23994e9815341d6ab0ace3f6c3a4e92d
- SSDEEP
  
  768:TTzeOOfXp3Pgrzkz0F3C89jwXdH2RFBi8owvxRyx0bjbodHiIixMV8y8hooepq:TT+/puzKC32XdWRFFoEb3Iik5hI
Score

1^/10
behavioral23 behavioral24
- Target
  
  lib/tk8.6/demos/hello
- Size
  
  531B
- MD5
  
  3136374513ae741007d8e9c1cdb9adc0
- SHA1
  
  f9cfcd8715539908c112101b42edbbe0c86dd595
- SHA256
  
  741bbaf0dc065eb4fcc7b655e0f830bce6c9d9c22cf61ac9f18c17986819f414
- SHA512
  
  4f9deb7da46edd2156d716f10ac1bea58a7e215e55a260c796b3816c9a558d9217702507c052f90e66ec63a36e660385057b0506dd343a736a32a30cf9702df9
Score

1^/10
behavioral25 behavioral26 behavioral27 behavioral28
- Target
  
  lib/tk8.6/demos/items.tcl
- Size
  
  10KB
- MD5
  
  cef8aeac26b4038af819b966b5690adb
- SHA1
  
  83a4933ee5268c42ab5d7cdbe4d2e94be3f6ea44
- SHA256
  
  db098afb912829ef09a31c7a95c2a1c14f3ce0ff70c1271604d89b7c2143123d
- SHA512
  
  1c58fd0d5d0a9750d73cf3db691f2bfeafd239e33a13fb8fb9790014fb170a571c700e6a6256e947530954e99224e67ce070fcc358cabb1deed52a9e0c77a004
- SSDEEP
  
  192:JOxVzNFgqFAemaYLDP+Qf5ylrJfP1t0f+BUSf58l/fIdIDJutF1SnKYXAfJ7I2nb:JyVxFJFAemjLPukO+Q9+KYwh7NbhTL8O
Score

1^/10
behavioral29 behavioral30
- Target
  
  lib/tk8.6/demos/ixset
- Size
  
  8KB
- MD5
  
  26b62da74709aacce5ab1ad531de978a
- SHA1
  
  fce5e60972c03adf2f9500abf597d9e379c5e474
- SHA256
  
  7ddeea934b567e8e5bee08e2a3767ddf40f015ab251bddd79a841cfec548e694
- SHA512
  
  449fcd4e27f6c4d5f409eebfee74378548deddb2b8124121dfee72e7bbacaee6172bb535a166036b68789f70d57d6ced2c437c5714143041e802c325ad3ac9cd
- SSDEEP
  
  96:dFKJ/NVGt1NCH3KhnHZnV7i6IP+0isnIVIUmVvbWi4sIqpL3xck3E6gw8goVU/NA:/KYHyUhditI+L3xL0wBoVUJ63ewCit
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32