a86b877e9e694a1f2b70a3a193fe135b751d78fa1ad4a795f11cbc34d4b78a51 | Triage

Sharing

General

Target

a86b877e9e694a1f2b70a3a193fe135b751d78fa1ad4a795f11cbc34d4b78a51.sh
Size

24KB
Sample

241121-jge9js1ajk
MD5

583c626e8ba30e2c920358b3b1c28519
SHA1

3b96052208c8a976ddc930a91ed7d507f31bc868
SHA256

a86b877e9e694a1f2b70a3a193fe135b751d78fa1ad4a795f11cbc34d4b78a51
SHA512

fd4b8f91a161f3086290e92a2f9502f7005bd83e00535f3376c2827b20ec40754b31250908242311f7f756644a25262794c80b898533dea698e86611274b7fbd
SSDEEP

768:32xRI1YH38QoMfzBIef2Wcu/J5L/J5+15BKll:0IXWcmjAmz

Score

7^/10

antivm credential_access defense_evasion discovery execution linux persistence

Malware Config

Targets

- Target
  
  a86b877e9e694a1f2b70a3a193fe135b751d78fa1ad4a795f11cbc34d4b78a51.sh
- Size
  
  24KB
- MD5
  
  583c626e8ba30e2c920358b3b1c28519
- SHA1
  
  3b96052208c8a976ddc930a91ed7d507f31bc868
- SHA256
  
  a86b877e9e694a1f2b70a3a193fe135b751d78fa1ad4a795f11cbc34d4b78a51
- SHA512
  
  fd4b8f91a161f3086290e92a2f9502f7005bd83e00535f3376c2827b20ec40754b31250908242311f7f756644a25262794c80b898533dea698e86611274b7fbd
- SSDEEP
  
  768:32xRI1YH38QoMfzBIef2Wcu/J5L/J5+15BKll:0IXWcmjAmz
Score

7^/10

antivm discovery execution credential_access defense_evasion persistence
- Executes dropped EXE
- OS Credential Dumping
  Adversaries may attempt to dump credentials to use it in password cracking.
  credential_access
- Deletes log files
  Deletes log files on the system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
- Write file to user bin folder
  persistence
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Software Deployment Tools

Persistence

Privilege Escalation

Defense Evasion

Indicator Removal

Clear Linux or Mac System Logs

Virtualization/Sandbox Evasion

System Checks

Credential Access

OS Credential Dumping

/etc/passwd and /etc/shadow

Discovery

System Information Discovery

System Network Configuration Discovery

Virtualization/Sandbox Evasion

System Checks

Lateral Movement

Software Deployment Tools

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

antivmdiscoveryexecution

behavioral2

antivmdiscoveryexecution

behavioral3

antivmcredential_accessdefense_evasiondiscoveryexecutionpersistence

behavioral4

antivmdefense_evasiondiscoveryexecution