General
Target: name.zip
Size: 3.9MB
Sample: 241021-n55xbsshjb
MD5: b001d8369997dbf8f9303de8faed1adb
SHA1: b3f8425585c95c6c737add0d63ba148691345c20
SHA256: e0167b29311f359344fe2879d8de3e8f5eb4c4d5a54bf0d46406d1d7af0cd2ff
SHA512: 39a51b404afa8b5a3cd8e653310492633eb9bb34e27b08a93da448fcbd5c6c7df1c7ef3b4a5f7824d5bd2747850267acd2a0c05f1d60e75495e4e6ceb52956a6
SSDEEP: 98304:sQE0RKwiLgnCy7n+wF3BOvExR+CEM29vVuiC7sM9Nh6on61KC2nA4:LEkdn/n+WR9x0uovV1C7sM9zL61KCSA4
Behavioral task: behavioral1
Sample: kermine
Resource: ubuntu2404-amd64-20240729-en
Malware Config
Targets
Target: kermine
Size: 1.3MB
MD5: 13d1ec32d39153bddcb677fc491d90f8
SHA1: 28f07354c83098f3f2f988249251096bcdf68549
SHA256: 7f2b4e30c6ae7c56c0bc861f920bca6b52183b3e8bc30347739c6591bdfaa589
SHA512: 1dbcab16cb408f8c895609af43f973c09b4c0dda5da1f36e2524823b53874cdce585bf4d4d489f9323043f69d688cf3375ad14036e99f0b09c6bdfddf66289b4
SSDEEP: 24576:87U+XfGMTwJ7RBNytH9wiPGKgIxECVVXZSELt:8g+XfjU7RBNC9wiPGKgIxE8VwE
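Before pivoting on the hashes above (both the archive name.zip and the extracted kermine binary), confirm that the file in hand is actually the one the report describes. The helper below is an added example, not code from the report or from the sample: the indicator values are copied from the report, while the function names and the chunked hashing are this example's own. It deliberately treats an MD5-only or SHA-1-only agreement as a warning rather than a match, since neither algorithm is collision resistant.

```python
"""Verify a file on disk against the hashes published in this report.

Added example, not part of the original report or the sample itself.
The indicator values are copied from the report; the helpers are assumed names.
"""
import hashlib
import sys

# Indicators copied from the report (the archive and the extracted ELF).
REPORT_INDICATORS = {
    "name.zip": {
        "md5": "b001d8369997dbf8f9303de8faed1adb",
        "sha1": "b3f8425585c95c6c737add0d63ba148691345c20",
        "sha256": "e0167b29311f359344fe2879d8de3e8f5eb4c4d5a54bf0d46406d1d7af0cd2ff",
        "sha512": "39a51b404afa8b5a3cd8e653310492633eb9bb34e27b08a93da448fcbd5c6c7d"
                  "f1c7ef3b4a5f7824d5bd2747850267acd2a0c05f1d60e75495e4e6ceb52956a6",
    },
    "kermine": {
        "md5": "13d1ec32d39153bddcb677fc491d90f8",
        "sha1": "28f07354c83098f3f2f988249251096bcdf68549",
        "sha256": "7f2b4e30c6ae7c56c0bc861f920bca6b52183b3e8bc30347739c6591bdfaa589",
        "sha512": "1dbcab16cb408f8c895609af43f973c09b4c0dda5da1f36e2524823b53874cdc"
                  "e585bf4d4d489f9323043f69d688cf3375ad14036e99f0b09c6bdfddf66289b4",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Lowercase hex digests of `data` for every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str) -> dict:
    """Hash a file in 1 MiB chunks so large samples need not fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_indicators(digests: dict, indicators: dict = REPORT_INDICATORS) -> tuple:
    """Return (full_matches, partial_matches) against the report entries.

    full_matches: names whose digests agree on every algorithm.
    partial_matches: (name, [algorithms that agreed]) when only some agreed,
    which deserves a closer look (truncated copy, collision, or tampering).
    """
    full, partial = [], []
    for name, expected in indicators.items():
        agree = [alg for alg in ALGORITHMS if digests.get(alg) == expected[alg]]
        if len(agree) == len(ALGORITHMS):
            full.append(name)
        elif agree:
            partial.append((name, agree))
    return full, partial


if __name__ == "__main__":
    # Usage: python verify_hashes.py <path> [<path> ...]
    for sample_path in sys.argv[1:]:
        full, partial = match_indicators(hash_file(sample_path))
        print(f"{sample_path}: full={full} partial={partial}")
```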
- OS Credential Dumping: Adversaries may attempt to dump credentials from the system for use in password cracking.
- Abuse Elevation Control Mechanism: Sudo and Sudo Caching: Abuses sudo or cached sudo credentials to execute code with elevated privileges.
- Enumerates running processes: Discovers information about the processes currently running on the system.
- Reads list of loaded kernel modules: Reads the list of currently loaded kernel modules, possibly to detect virtual environments, since hypervisor guest drivers (VirtualBox, VMware, KVM, Hyper-V) are rarely loaded on a physical host.
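The two discovery signatures above (process enumeration and reading the loaded kernel modules) are cheap host checks that a Linux binary can do entirely from procfs. The script below reproduces them so an analyst can see what the sample would see on a given sandbox; it is an added example, not the sample's own code or the sandbox's detection logic. The lists of guest-only module names and guest-agent process names are this example's assumptions about common hypervisors, not names observed in kermine, and the /proc/modules excerpt is constructed.

```python
"""Reproduce the procfs host-inspection steps this report attributes to the sample.

Added example, not code from the sample or the sandbox. It reads the same sources
a Linux binary would (/proc/modules and /proc/<pid>/comm) and flags names that
betray a hypervisor guest. The name lists below are assumptions.
"""
import os
from pathlib import Path

# Kernel modules normally present only inside hypervisor guests (assumed list).
VM_GUEST_MODULES = {
    "vboxguest", "vboxsf", "vboxvideo",                            # VirtualBox
    "vmw_balloon", "vmw_vmci", "vmwgfx", "vmw_pvscsi", "vmxnet3",  # VMware
    "virtio_balloon", "virtio_pci", "virtio_net", "virtio_blk",    # KVM/QEMU
    "hv_vmbus", "hv_utils", "hv_balloon", "hv_netvsc", "hv_storvsc",  # Hyper-V
    "xen_blkfront", "xen_netfront",                                # Xen
}

# Guest agents that show up as user-space processes (assumed list). The kernel
# truncates /proc/<pid>/comm to 15 characters, so compare on that form.
VM_AGENT_PROCESSES = {"vmtoolsd", "VBoxService", "qemu-ga", "hv_kvp_daemon"}


def parse_proc_modules(text: str) -> list:
    """Module names from /proc/modules ('name size refcount deps state addr')."""
    return [line.split()[0] for line in text.splitlines() if line.strip()]


def enumerate_processes(proc_root="/proc") -> dict:
    """Map pid -> comm for every numeric directory under `proc_root`."""
    procs = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            procs[int(entry.name)] = (entry / "comm").read_text().strip()
        except OSError:
            continue  # process exited between the listing and the read
    return procs


def vm_indicators(modules, processes: dict) -> dict:
    """Which VM-guest artefacts are present; two empty lists means none found."""
    return {
        "modules": sorted(set(modules) & VM_GUEST_MODULES),
        "processes": sorted(set(processes.values()) & VM_AGENT_PROCESSES),
    }


def inspect_live_host() -> dict:
    """Run both checks against the real /proc of the machine this runs on."""
    modules = []
    if os.path.exists("/proc/modules"):
        modules = parse_proc_modules(Path("/proc/modules").read_text())
    return vm_indicators(modules, enumerate_processes())


# Constructed /proc/modules excerpt resembling a VirtualBox guest; not captured
# from the sandbox run described in the report.
SAMPLE_PROC_MODULES = """\
vboxguest 49152 2 vboxsf, Live 0xffffffffc0a00000
vboxsf 81920 1 - Live 0xffffffffc09e0000
ext4 1052672 1 - Live 0xffffffffc0800000
"""


if __name__ == "__main__":
    print("constructed excerpt:", vm_indicators(parse_proc_modules(SAMPLE_PROC_MODULES), {}))
    print("this host:", inspect_live_host())
```

Run it inside the analysis VM and on a bare-metal box and compare the output: a sandbox whose guest drivers or agent processes show up here is one this class of check will identify, and removing or renaming those artefacts is the usual hardening step.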
MITRE ATT&CK Enterprise v15
Defense Evasion
- Abuse Elevation Control Mechanism (T1548): 1
  - Sudo and Sudo Caching (T1548.003): 1
- Indicator Removal (T1070): 2
  - Clear Linux or Mac System Logs (T1070.002): 2
- Virtualization/Sandbox Evasion (T1497): 1