262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693.elf
Size

7.1MB
Sample

241015-bknq4azelr
MD5

bdd59b6239a4d3d17f1ff56f25ed4417
SHA1

745472dbaace1e9637b0f92dd1e8cecfb5a885a2
SHA256

262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693
SHA512

362b275d5186da6b24f4934489f309b895b6cdc5e3021088c63448dfaad3f422f9f5b11ce0eb31034a5b1ad5d0aacd1aa0e30788fbf8eeb064332fae443739ef
SSDEEP

98304:myj4EXuPM1EevFrKpukigWz5Hl2IrUCIhOlI/vh+SjYH:9j4EXuAEevFrOy1F2lCMOlI/UvH

Score

7^/10

discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693.elf
- Size
  
  7.1MB
- MD5
  
  bdd59b6239a4d3d17f1ff56f25ed4417
- SHA1
  
  745472dbaace1e9637b0f92dd1e8cecfb5a885a2
- SHA256
  
  262d14588d9c2eb5ea9e107143aa3eceb6d07c2a5bc5ca77b14657db125fc693
- SHA512
  
  362b275d5186da6b24f4934489f309b895b6cdc5e3021088c63448dfaad3f422f9f5b11ce0eb31034a5b1ad5d0aacd1aa0e30788fbf8eeb064332fae443739ef
- SSDEEP
  
  98304:myj4EXuPM1EevFrKpukigWz5Hl2IrUCIhOlI/vh+SjYH:9j4EXuAEevFrOy1F2lCMOlI/UvH
Score

7^/10

discovery execution persistence privilege_escalatio
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionpersistenceprivilege_escalatio