Resubmissions
16/04/2025, 12:56
250416-p6jwxsvrw8 116/04/2025, 12:56
250416-p6dd5svrw7 116/04/2025, 12:52
250416-p4av8s1vhx 816/04/2025, 12:51
250416-p3kztavrv6 416/04/2025, 12:51
250416-p3f1vsvrv3 116/04/2025, 12:50
250416-p3ah3s1vgx 116/04/2025, 12:50
250416-p273ysvrt8 116/04/2025, 12:50
250416-p22wyavrt6 116/04/2025, 12:50
250416-p2zftavrt5 1General
-
Target
ubuntu2404-amd64-20240523-uk.ps1
-
Size
1B
-
Sample
250416-p4av8s1vhx
-
MD5
f1290186a5d0b1ceab27f4e77c0c5d68
-
SHA1
aff024fe4ab0fece4091de044c58c9ae4233383a
-
SHA256
50e721e49c013f00c62cf59f2163542a9d8df02464efeb615d31051b0fddc326
-
SHA512
aa66509891ad28030349ba9581e8c92528faab6a34349061a44b6f8fcd8d6877a67b05508983f12f8610302d1783401a07ec41c7e9ebd656de34ec60d84d9511
Malware Config
Targets
-
-
Target
ubuntu2404-amd64-20240523-uk.ps1
-
Size
1B
-
MD5
f1290186a5d0b1ceab27f4e77c0c5d68
-
SHA1
aff024fe4ab0fece4091de044c58c9ae4233383a
-
SHA256
50e721e49c013f00c62cf59f2163542a9d8df02464efeb615d31051b0fddc326
-
SHA512
aa66509891ad28030349ba9581e8c92528faab6a34349061a44b6f8fcd8d6877a67b05508983f12f8610302d1783401a07ec41c7e9ebd656de34ec60d84d9511
Score8/10-
Path Permission
Adversaries may modify directory permissions/attributes to evade access control lists (ACLs) and access protected files.
-
Gatekeeper Bypass
Adversaries may modify file attributes and subvert Gatekeeper functionality to evade user prompts and execute untrusted programs. Gatekeeper is a set of technologies that act as layer of Apples security model to ensure only trusted applications are executed on a host.
-
File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary (ex: Ingress Tool Transfer) may leave traces to indicate to what was done within a network and how. Removal of these files can occur.
-