Overview

overview

10

Static

static

10

rHGF6UobDr...j02lX5

ubuntu-22.04-amd64

7

Resubmissions

25/03/2025, 12:33

250325-prj85swths 10

25/03/2025, 12:32

250325-pqvcqazkz3 10

07/02/2025, 09:45

250207-lrhtjaykek 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rHGF6UobDrEAw59FT3LPxJNMVzBlj02lX5

  • Size

    112KB

  • Sample

    250325-pqvcqazkz3

  • MD5

    05d7857dcead18bbd86d2935f591873c

  • SHA1

    34d18f41ef35f93d5364ce3e24d74730a4e91985

  • SHA256

    2cb1fa4742268fb0196613aee7a39a08a0707b3ef8853280d5060c44f3650d70

  • SHA512

    d1793861067758a064ac1d59c80c78f9cb4b64dd680ab4a62dd050156dc0318dde590c7b44c1184c9ee926f73c3fc242662e42645faab6685ecef9d238d2e53e

  • SSDEEP

    3072:o0pHqiUxCoypP1Xyukbt56UFQ71SMSmUHM5RmNtbm9c:REOtiukxc3SmUHM5Rm/bm9c

Score
10/10
xorbotbotnetdiscoveryexecutionlinuxpersistenceprivilege_escalationtrojan

Malware Config

Targets

    • Target

      rHGF6UobDrEAw59FT3LPxJNMVzBlj02lX5

    • Size

      112KB

    • MD5

      05d7857dcead18bbd86d2935f591873c

    • SHA1

      34d18f41ef35f93d5364ce3e24d74730a4e91985

    • SHA256

      2cb1fa4742268fb0196613aee7a39a08a0707b3ef8853280d5060c44f3650d70

    • SHA512

      d1793861067758a064ac1d59c80c78f9cb4b64dd680ab4a62dd050156dc0318dde590c7b44c1184c9ee926f73c3fc242662e42645faab6685ecef9d238d2e53e

    • SSDEEP

      3072:o0pHqiUxCoypP1Xyukbt56UFQ71SMSmUHM5RmNtbm9c:REOtiukxc3SmUHM5Rm/bm9c

    Score
    7/10
    discoveryexecutionpersistenceprivilege_escalation

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

      executionpersistenceprivilege_escalation

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks