68ddec937c856d91a1e9db6a3217abdfb7933e428f7c9b0d134582f8498081f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0db7052872f52b94922edfd3bc0de68f_JaffaCakes118
Size

1.1MB
Sample

241003-d3jk7ssdrn
MD5

0db7052872f52b94922edfd3bc0de68f
SHA1

a9315c746445f8a0c406e2af2247e5a3e6e7584c
SHA256

68ddec937c856d91a1e9db6a3217abdfb7933e428f7c9b0d134582f8498081f8
SHA512

bf8ed443ce62e3fbd3a191c7b072930aaefc0e458c1baad47569ede823d267fc01947bcec13ad195fa28ae501390669733aa47f113895ea615f3af0e336e14c2
SSDEEP

24576:1HiDW/aQ0KL6eYkGpiSIuj1oRsE0415Wt1OFaVVLQn3kO1Kq20k:JSW/aQrHdPSssva4NVMnb1Kxp

Score

7^/10

defense_evasion discovery linux

Malware Config

Targets

- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/.RELEASE.NOTES
- Size
  
  6KB
- MD5
  
  3163d8c9b2e7ad729308e0b1480925e1
- SHA1
  
  777a384e437f4755df996b744bccfa4095f5a9b3
- SHA256
  
  e2045ed37d370e8e24b75adc4623916f02c9b49e07b170f610774fb86f66ed65
- SHA512
  
  a93939ff1234cd3625ce917ec35b47ff80a9619df9aa9581de468e37a91aaa15d25fe0adbbba6fdedfa80444ab6212845da6b295b2b15effb4efb424a681a82f
- SSDEEP
  
  96:inGmF35NRCdzrjFbciOqkitWKbKovMFM5wfP7LpIZGuVlJhwI6ztLf3hwFORT:Q8zrjDFbtWKeoqXLpX5vhwUT
Score

1^/10
behavioral1 behavioral2
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/.bugreport.gdb
- Size
  
  2KB
- MD5
  
  31a71de1ebb62d64fe00461650a82c5c
- SHA1
  
  401d681e1dd1c7b4cb57112b90e257cb42d092ac
- SHA256
  
  d4ee94d5f6dd3d271600a4fb47aaadef3730d6af2e12589baa6ed655c4a4a1b3
- SHA512
  
  21800d75fa45a21c180105ce47f7d5a25d132db992d98b03530c2645db145d8577757a9e2b1bd84fb34bf467d8f11d55ea502df933aed15a30ff40010b25b0ea
Score

1^/10
behavioral3 behavioral4
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/Changes
- Size
  
  15KB
- MD5
  
  b7d71639d987f5569b78dd0d5b13a378
- SHA1
  
  cfde4cb0ca1422e1b3e38271d51e65ab3f88f1a6
- SHA256
  
  c2d07c0a81803ebdb357b386bea988d4bcb5876104c7c80315225e1688528d60
- SHA512
  
  7d6c13468ecd4c74367fe2399642462d72a18b626640585d477ea427ca2643b44ff352e504c703ea8c16b21df278fc77059a88a44be6a11d9a3d21983608019e
- SSDEEP
  
  384:2jFY///y1isKgfy1LJL/cDOXfOLmRhOQuWEU10UNj:2jFYX6NKMyMDGnZVEUSUNj
Score

1^/10
behavioral5 behavioral6
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/Config
- Size
  
  13KB
- MD5
  
  657e46a8fa16cf20e39a538ccc32bf51
- SHA1
  
  d0e3078b31c2a163623076cac6f16abeff38fcf7
- SHA256
  
  c916150569a821c9654d81c8ed213f9a96bb7c610327e3a9d8d5bcb7891faff8
- SHA512
  
  17a01844d6c5b45f2a72f21386fc9ec59a3683db5807bf4128cdcb203306ad0390ce6d3de47ee647c76402f1c229ed0d5d33f9ec4369dcfedb73ce5a54bf4ad7
- SSDEEP
  
  192:gPDp6EHrINXIV5wZodcrBbPqnfmtbXj1sMtp6oqbOIJ1ameaR+HnX/0pflRs:gPDp6MkN4V5wU+qJa
Score

3^/10
behavioral10 behavioral7 behavioral8 behavioral9
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/configure
- Size
  
  307KB
- MD5
  
  b75e5d973cbaea7856ab17c2052eef11
- SHA1
  
  1db6273dc7b3ea8570b214bf4e77b3e8b24f639e
- SHA256
  
  cd46ce112088d7e599a89707af84c3c5fa93e5caf5dcf3bd2fb05b0f459d9c50
- SHA512
  
  09db86926c0e299890264f6683adfaf9cb87bba34e812577cb8ebc570c9847aa7ca178acba05cb3707deea892e75a1c21324733ad4f6cf8a34fa9369e91b1a52
- SSDEEP
  
  6144:cXvhRd1rrTPlI3dDsMqdqBh7T8uVuB7dcjEBAN69nDHDzA46BnSynAi1Pz6DIAfT:m6TA
Score

1^/10
behavioral11 behavioral12
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/curlinstall
- Size
  
  1KB
- MD5
  
  9336bd85f58aecf056bcdfc7c7dd7302
- SHA1
  
  2158932a45df7fb7896cf4846576111bc5bcc3fc
- SHA256
  
  98079aeec7ffc8cc08a0aeef783de028f152d420124410342e46a9a9a01be30e
- SHA512
  
  528d205deef25a49a8605b96643f0a5bebc895b9891fbff5904dfae22f747cf0afa30204eac7e403d506c9e5a570f1596d358b9e5dba9e3631239fa2425dc5da
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/extras/regex/configure
- Size
  
  11KB
- MD5
  
  45ac9c86d864d043af3fc657c32dc215
- SHA1
  
  ab4b4d62b45060a36d89758b5f888a5c4d5c03af
- SHA256
  
  5605e4165a7556c07aabbd906c09f408746732449ddeecd345fbcdf3527c0726
- SHA512
  
  0c3837db6be3e63f14de9c997962d22c01c561b2efd549d833e7a6faed19cb8588450868c739ae0c6ce211627855e891b10fea3dc1daf7b22fb496c539711948
- SSDEEP
  
  192:T/LJ54scsnsG+KXSoOSafM4bK45EV4zCcww66TVNUZWXj+2VmuFVD2VMB0tTDMlk:T/LJ54scsns/ASXSafM4bd5E2Ew66TVe
Score

7^/10

defense_evasion discovery
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/help.conf
- Size
  
  40KB
- MD5
  
  e47cbd21fa243792fb050bc9483b704f
- SHA1
  
  be2df0935456c7402392653b1e3644d6e81f3393
- SHA256
  
  322297ebe80a24b48cafde6d8b2c1fa3b04f04d323c5d0fe9f8316af4fc16866
- SHA512
  
  017a3371fbfb0dd16c4d46dcbf65586c6a5b37266791820e7f90337817ec41bfe713eca0a50bfe0fc980fca3bac30d56e4dcb029e37542d88a4630d22aa11691
- SSDEEP
  
  768:ZjI/JLJ3qoH/rhv3lWdYNyNwLBOd0kWebyYe0FeYMJQA:ZjI/VJ3qole8kWebm0FeYuQA
Score

1^/10
behavioral21 behavioral22
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/ircdcron/ircdchk.in
- Size
  
  1KB
- MD5
  
  ff592049388beffee91e59d330febfd3
- SHA1
  
  5d0d83f30480592829354c734d0c339735e580a4
- SHA256
  
  dfd808256e1398982106407762604a811c44b337b358667d94f047eab005634f
- SHA512
  
  09c65d4c78749aed9db5f6c5ae16302ec3cfe9b4729922a99979eb7abe3a61e236fc408010f4ec8ff31b81d27fe153e7ecb7ae1e6d64bcd9014133ab64b5cd32
Score

1^/10
behavioral23 behavioral24 behavioral25 behavioral26
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/modulize
- Size
  
  630B
- MD5
  
  ca1bdaba900e72db1189bf57307bdde5
- SHA1
  
  e4b382ff467f734b3b6e66c4a2ae600c8bdb84f0
- SHA256
  
  d4dfffc7af677db0e12cc4ea4225f2a045f3ec08918e51763dcfafaf872e5ad6
- SHA512
  
  3c18c736e49156d99cb792248c5e159a526bdaaa945e56a067346c3ea33b6fb51bd1b79ead83f5bf69449414693c1da7688cd4f44228ee2ac652accd305e85e7
Score

3^/10

discovery
behavioral27 behavioral28 behavioral29 behavioral30
- Target
  
  UnrealIRCD_1_.priv.ClearScreen/Unreal/networks/awesomechristians.network
- Size
  
  1KB
- MD5
  
  1e6ee10a224583fb006994408bc0e27f
- SHA1
  
  dca89110654924f2d0cad82c89860e7e8e35e034
- SHA256
  
  1e758bbe528eec6fe5fb5ae8282145dcaf107a875c111d0689e1343b902a728a
- SHA512
  
  ea4d792a4a682187873de90e4f7d3c91da4ac2574c44cb9b5257efa2c9c7a58e27fa3d9b653180f8891eb1f495021bc45d83c145dcecad335cca51002add4d8a
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

defense_evasiondiscovery

behavioral18

defense_evasiondiscovery

behavioral19

defense_evasiondiscovery

behavioral20

defense_evasiondiscovery

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32