xmrig | ef4e465bad5cc4eb2bf2284ec489e8f702483e34f4dae9fdd8314c455b6e9ca8

Sharing

Copy URL

Twitter E-mail

General

Target

master.zip
Size

62.4MB
Sample

241119-zgaxtssjby
MD5

73320fdcfde3be42ae63cdb125ddd7bd
SHA1

082992d194db180e67fb2d8b8a0a64515f85ac35
SHA256

ef4e465bad5cc4eb2bf2284ec489e8f702483e34f4dae9fdd8314c455b6e9ca8
SHA512

5a7baa1758d9938787e54aadc8083cc54060870abe6c287572b791e02e2cc8b4dcffccce3145514b72ea0f3f914101f8371d621a789f4db76d6b61ef1f733049
SSDEEP

1572864:tvBl2pIq+M/8XdVVt7xpBN7r5ppLpY8oVIQ1Iv4bmL:92pk7rVnphppuzIv4bmL

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

ps1.dropper

http://172.16.64.1/Sharphound.ps1

Extracted

Language

ps1

Source

URLs

ps1.dropper

http://172.16.64.1/Invoke-Kerberoast.ps1

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://www.youtube.com/iamjakoby

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://github.com/I-Am-Jakoby/hak5-submissions/raw/main/OMG/Payloads/OMG-JumpScare/jumpscare.png

exe.dropper

https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/OMG/Payloads/OMG-JumpScare/female_scream.wav?raw=true

Extracted

Language

ps1

Source

URLs

exe.dropper

https://c4.wallpaperflare.com/wallpaper/553/61/171/5k-black-hd-mockup-wallpaper-preview.jpg

Targets

- Target
  
  bashbunny-payloads-master/bunny-connecter.sh
- Size
  
  14KB
- MD5
  
  28995267dbb01c6947e25c7e139548d7
- SHA1
  
  a1883a4ed3eaae232ad04ae5e27d4f2e9dcac9e3
- SHA256
  
  fb299f0960658ed49f3ed93abf8ec76a6b589d802a7a46556f8923743e9b70f4
- SHA512
  
  db108246caa37ba17e8e12c0568eefcc71108381d5245de9c258b55d8c6d02cb1f2fee325631c25e47dc9bca0ef704b44d66557232671f8ad9ab5e2841e10a5c
- SSDEEP
  
  192:zEnSRsQcByYqxPY743NViFxdY86QFla/2Y8ZthskITJWt79zl:GS3NV6YUFcLmLhb
Score

3^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  bashbunny-payloads-master/config.txt
- Size
  
  84B
- MD5
  
  5ad7f30439c0afcf05e4c7d1d34ca3a8
- SHA1
  
  f7fc498a41d9935c1b553abac0bbee117289ff20
- SHA256
  
  9b06a01cb4de46401c0365203382293c1779f4368bf3f01cec505d47cdaa5e9d
- SHA512
  
  b2feca2ddc57395b8be51a70d4f829000b7ea76b785fe55608c4b89f70dd616e7bb7f240a24372640881b1591060fc4dcb7c921288a194c4e5be50e03019d921
Score

1^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  bashbunny-payloads-master/payloads/extensions/ble_exfil.sh
- Size
  
  473B
- MD5
  
  d32c4faa4306649fe369282bbf72a7f9
- SHA1
  
  e272f42ab5487159e829e075a86dc4e5938208d3
- SHA256
  
  88598ceb335d16f8d8152ad327a075ef69994e69e1477153e01aab2150405ef8
- SHA512
  
  e0f49421b85d9532a61495de88cefe73e4452521eddcd3e2acc80e8dd40c596362d299f1b19ca5d7da0ee2dbd271d4b96dfc2f86f872a790eea75f7e8b02a1e3
Score

1^/10
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  bashbunny-payloads-master/payloads/extensions/cucumber.sh
- Size
  
  725B
- MD5
  
  bde27ba8c8c7dc78e7542d544c64a50f
- SHA1
  
  c0b540cca9adfc657ce856b04cf252374d36700c
- SHA256
  
  fd0e5355be95c236ed8d6818cc1dd63d9cfd6c441274dc85b3e78fba6877c86e
- SHA512
  
  fd7aac3e8c42b63537d37b430a29f06d90ac8be7b9603007a8fc74c7b9673ae8f0208308f6a519d1ac95d68b6277667f225c126e5efcb4a62ab64fe0f76cb17b
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  bashbunny-payloads-master/payloads/extensions/debug.sh
- Size
  
  820B
- MD5
  
  5ce5c7627706cfebd06c3666599cab5c
- SHA1
  
  e34e1b36dd5604f36dad78397e4d54b04d886cdd
- SHA256
  
  4ed983ce19e7c38a9b8d309401398cf465a169232fa31b9276def1adf1c4c841
- SHA512
  
  63b4b8326b6431a724cde6f51ebe3fdfec6a44c77b01bb205c903f65abe6bdceae1ad860f8b0c0ba416a6391b20432410cee6c0f048bfe4579f80db3efd378e9
Score

1^/10
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  bashbunny-payloads-master/payloads/extensions/discord.sh
- Size
  
  3KB
- MD5
  
  2f9e1b6dd1b89b72a7aa69920991c2cf
- SHA1
  
  0787be3bed89c51b20f358efa972a079c2dd2e18
- SHA256
  
  f3fc399a7eb025e2e6be871e69cb2b1e00506a5daca70f199cdbcd7e7136d2b7
- SHA512
  
  8d8cd7b7ed49ee1c95124e120425907d915e7c0bdc66b999993b38641fe1f3824dacf6787ee8ff573d0a63421b3a5bda86aeb9200adfaec51c13cdf2cf150e82
Score

1^/10
behavioral21 behavioral22 behavioral23 behavioral24
- Target
  
  bashbunny-payloads-master/payloads/extensions/drop.sh
- Size
  
  2KB
- MD5
  
  e027f3d2f08539ab4b065d21d81bd5f9
- SHA1
  
  ed7d1bebfc5c24588059ef81c26fb48094ad1d49
- SHA256
  
  1f86fffd17239988b5a4954ba5e2870d3f685236b9d238cdca26eb70cacebea1
- SHA512
  
  4b15cfcb13dd1df86f3769abace33f446e45646e4bb0d5356c2ebec6598215f0975238f13c014159b6d3e1165bb7144974f4db725226c28843984f75fcb0fede
Score

1^/10
behavioral25 behavioral26 behavioral27 behavioral28
- Target
  
  bashbunny-payloads-master/payloads/extensions/ducky_lang.sh
- Size
  
  136B
- MD5
  
  1fec93365f71b3f846c504a16a3dbf0b
- SHA1
  
  e389c945096abe19aacb02f22192da98ab8cd0cb
- SHA256
  
  34c550bceb11f88c2f93fb33c33e38d85f665c5bc9af63ec618bb81be636a199
- SHA512
  
  671dc257c68f7e97c339a19d96c948be940fa85663389d37b5affefe1e8f3ef045b1222a9e53aa296f40ff0f40be4ef98e5c579b01daa513f54c3de034d05b16
Score

1^/10
behavioral29 behavioral30 behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Extracted

Extracted

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32