f424733e07038ba5ab92e7f1dc37be51e11425986c40fe941a1ce3c11ae7759e | Triage

Sharing

General

Target

f424733e07038ba5ab92e7f1dc37be51e11425986c40fe941a1ce3c11ae7759e.elf
Size

17KB
Sample

241203-dqergsxlcw
MD5

56ae47729e916b612cebbc406b071ad3
SHA1

1977ab2c24e25e1e77daa7fc3eca9dc072f007ac
SHA256

f424733e07038ba5ab92e7f1dc37be51e11425986c40fe941a1ce3c11ae7759e
SHA512

7c56ec7c8af7ae11ecb8259d02cf742610034e89429fb6b889666811d164cba93fc91f60caac590577137d412f2d1e5268f14affa5983e6126c079d255097586
SSDEEP

192:RnxzjwsWskaDanX6JENuZYhz0h+fcfLBj4ksNOVSP5SFhF8hQlSvOdfLqdo:BWskamFsqGhR9jRsUVS5SF7

Score

7^/10

discovery execution linux persistence privilege_escalatio

Malware Config

Targets

- Target
  
  f424733e07038ba5ab92e7f1dc37be51e11425986c40fe941a1ce3c11ae7759e.elf
- Size
  
  17KB
- MD5
  
  56ae47729e916b612cebbc406b071ad3
- SHA1
  
  1977ab2c24e25e1e77daa7fc3eca9dc072f007ac
- SHA256
  
  f424733e07038ba5ab92e7f1dc37be51e11425986c40fe941a1ce3c11ae7759e
- SHA512
  
  7c56ec7c8af7ae11ecb8259d02cf742610034e89429fb6b889666811d164cba93fc91f60caac590577137d412f2d1e5268f14affa5983e6126c079d255097586
- SSDEEP
  
  192:RnxzjwsWskaDanX6JENuZYhz0h+fcfLBj4ksNOVSP5SFhF8hQlSvOdfLqdo:BWskamFsqGhR9jRsUVS5SF7
Score

7^/10

discovery execution persistence privilege_escalatio
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalatio
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionpersistenceprivilege_escalatio