Overview

overview

8

Static

static

3

USB_Watchd....o.cmd

windows7-x64

1

USB_Watchd....o.cmd

windows10-2004-x64

1

USB_Watchd...ko.cmd

windows7-x64

1

USB_Watchd...ko.cmd

windows10-2004-x64

1

USB_Watchd....o.cmd

windows7-x64

1

USB_Watchd....o.cmd

windows10-2004-x64

1

USB_Watchd....o.cmd

windows7-x64

1

USB_Watchd....o.cmd

windows10-2004-x64

1

USB_Watchd...ers.sh

ubuntu-18.04-amd64

3

USB_Watchd...ers.sh

debian-9-armhf

3

USB_Watchd...ers.sh

debian-9-mips

4

USB_Watchd...ers.sh

debian-9-mipsel

8

USB_Watchd...og0201

ubuntu-22.04-amd64

1

USB_Watchd..._TEMP_

ubuntu-18.04-amd64

1

USB_Watchd..._TEMP_

debian-9-armhf

1

USB_Watchd..._TEMP_

debian-9-mips

1

USB_Watchd..._TEMP_

debian-9-mipsel

1

USB_Watchd...ess.sh

ubuntu-18.04-amd64

4

USB_Watchd...ess.sh

debian-9-armhf

6

USB_Watchd...ess.sh

debian-9-mips

6

USB_Watchd...ess.sh

debian-9-mipsel

6

USB_Watchd...dog.sh

ubuntu-18.04-amd64

1

USB_Watchd...dog.sh

debian-9-armhf

1

USB_Watchd...dog.sh

debian-9-mips

1

USB_Watchd...dog.sh

debian-9-mipsel

1

USB_Watchd...art.sh

ubuntu-18.04-amd64

4

USB_Watchd...art.sh

debian-9-armhf

4

USB_Watchd...art.sh

debian-9-mips

4

USB_Watchd...art.sh

debian-9-mipsel

4

USB_Watchd...dog.sh

ubuntu-18.04-amd64

3

USB_Watchd...dog.sh

debian-9-armhf

3

USB_Watchd...dog.sh

debian-9-mips

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f0b01c53c7552dc276f2d81df00c9ca_JaffaCakes118

  • Size

    3.1MB

  • Sample

    240702-mvsnkssfqj

  • MD5

    1f0b01c53c7552dc276f2d81df00c9ca

  • SHA1

    fd56527cc3047a280854baac56d5ce8450defb9c

  • SHA256

    f25840a56d42bff764c6f653141d5d0cfe2bd18fc6bcfa8691a9f5ab3d737c98

  • SHA512

    d8af4dd20304b02be8093e0ff1b84cd5b88f937d212edc7679293dfbef7d73345685e46bec5141f47d67139ddca045db113cdcde00ba8cbd0901f46977375e32

  • SSDEEP

    98304:ziXhLeBzzjZdYmAG+nTgvNtGW0qFQjHr/K:mxiRjZdYmA7lWOS

Score
8/10
linuxpersistence

Malware Config

Targets

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/Drivers/.built-in.o.cmd

    • Size

      178B

    • MD5

      67e631695cd69e274cce3d45975cd28f

    • SHA1

      cae61d696f3c4026ca27276bd9eeab622b542912

    • SHA256

      ba08170f515338c1c52f14967c5d93448c6a4ac25332043d61629489ca483304

    • SHA512

      33b0df530a0f7021f389d1a28bdd479a50473b3d449cb30afd26315e6337f4aaf7ccac923fa06f978234fcb537f9e141f776dadeb89293bdf532d340a0494627

    Score
    1/10
    behavioral1behavioral2

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/Drivers/.ch34x.ko.cmd

    • Size

      279B

    • MD5

      4b5f3958d509e42e975d5b1a10a6c317

    • SHA1

      309e4b15362bf4dd6f5941e3c8349add1a9d1b91

    • SHA256

      b470b541d19b7030b17da3bb1fb597562955fdc0b5434dead213d3b756c70d44

    • SHA512

      21e8ed8f51a3e1cdeaa81f334ed6dc28e1126b0c0c2976a6383c75d66baf184cdd9624f18d08eb51f06ecedecf82f5f79840bb0bace7350c7dc97d83a7bbb435

    Score
    1/10
    behavioral3behavioral4

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/Drivers/.ch34x.mod.o.cmd

    • Size

      27KB

    • MD5

      59afa964d2df22e8d2cc8c46a489e9bc

    • SHA1

      abe3813a52b0a7334ead4e578c5f3470e1a92f68

    • SHA256

      f5a8f47769c25f6e8b3742a9520b8cc3083daaaa6be2e7af5ff581b026c55be4

    • SHA512

      79d8a70144d35a8e4b2516b471bd162dc46458c0f41d077095ca002bad868616d980a422b1b977d55c98588573b4ff189baf8fcf58567b8bc8fe325e2aea57c4

    • SSDEEP

      192:SDnOMIoqFuTLjRZ0D6iAp4QTCZ5Ad1L5c9/EWGqMXeHKRejZXiR22+9+/5t:aOa/TL9Z0eiiCHUW0XdejD9e7

    Score
    1/10
    behavioral5behavioral6

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/Drivers/.ch34x.o.cmd

    • Size

      41KB

    • MD5

      ffefc6b1cf7c0a1e4048d384a0a9464c

    • SHA1

      8df3b89654ba55f454e09680301cb6f90dcf0599

    • SHA256

      42f0f65ef5192e5234d47d39cfd4cbd236a622c8c7b0900d461b3e2ae14c3c41

    • SHA512

      7a688d0394cd3405b4f79a5c815dead0783481a9a697287240416df096eed8e7c1a3344d4b98bfae0fb9212363b1894427bbd93d4df6fb55c5b107edb9e2a7bb

    • SSDEEP

      384:COacSa0kRLs5HTXR3ejKHTKuwvEeD0ysG:COacSaXWTXBeOHTKuwsG

    Score
    1/10
    behavioral7behavioral8

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/Drivers/install_drivers.sh

    • Size

      456B

    • MD5

      b4e4c4f942dd7cbd2f94195ace9e3f7c

    • SHA1

      cda2858e8fddd7c2965615359db3fd7e048ac334

    • SHA256

      c7d40078265952155294b9848bca960414e82bfdb50f4223d08f98318fc41d54

    • SHA512

      e86dc5dae46cee121fb39338fd2a82cc0225f42e96690898d94dbee05ce14d373cdbbeb7d426b89fdf29df6b8262f3380c1aa1abc9f8a8876f24dd95b8584f0e

    Score
    8/10

    • Writes memory of remote process

    behavioral10behavioral11behavioral12behavioral9

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/PCWatchdog0201

    • Size

      915KB

    • MD5

      584e54adc1639baa1952c06ec94cdfb5

    • SHA1

      7ef4918694cb5ee06118e0e526d00cbd6b775878

    • SHA256

      9b2edd2869ddf50fb6a5f0b5be19fdddb26abbee8d8e05a674c40939d7b25382

    • SHA512

      fd63a22af3502292dd18572f721f2c4c59c15e8f1016da314b163c0edf77a97f7d6000ffd7b2f932cbb10e8cb4b2e9bef3ad4f32f15c70a3d7f5a36bb77be285

    • SSDEEP

      24576:Zju8g91bi2KRC1x7rOavdC+8whj1+y1/CfC:Zju8g91bi2KRC37rPU+bdAy1/

    Score
    1/10
    behavioral13

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/_PWD_TEMP_

    • Size

      24B

    • MD5

      86a25e30af545641421786ffdb2dc2bd

    • SHA1

      26cbbb7cf2285bf3b26cda11f1f4147554d69164

    • SHA256

      822c599ad50ba474460b341ca7bb797f6dc350eb117fa8d208295c0836cc9571

    • SHA512

      b4ee27b764a072332eb15c9f7e9bdd9755fc1be76adc9168898cef73d0209861a838adb1b13408cf61f6bb306dbf42786f7b8da087681a25ad184708f246ab3b

    Score
    1/10
    behavioral14behavioral15behavioral16behavioral17

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/monitor_process.sh

    • Size

      307B

    • MD5

      ac8678ddeb490440945825c78a584094

    • SHA1

      f0355d93ba39d4f9a57c0d144d239610a6ac4d1c

    • SHA256

      9343905fb4072b26941b29938fc24a483e5dabc37b118af8bf709bf33f1775e8

    • SHA512

      e990fd4dd0c40984729fd6ccb3827e3536ba4cc66388e0f60130b0da8381ed5d1d153087d161ec1468553ae33ad7e285914096ae72e27e96d3d01a531665c726

    Score
    6/10

    • Enumerates running processes

      Discovers information about currently running processes on the system

    behavioral18behavioral19behavioral20behavioral21

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/restart_watchdog.sh

    • Size

      99B

    • MD5

      c58a1ad79b800b8ec53ed74e71d9e095

    • SHA1

      66139018ee91ee386d17d0b491d102823d78f9bd

    • SHA256

      32f39c48ac9622435d2e3b5e887ced958c3746906d9883ade4de53c62e8d3206

    • SHA512

      d79cfb876e749e81d78b00e97c8b2e3b61ea893e179df698f949640e7bc450cff7532d7f7d2d19ea585e8573809fa305d91b5d45ec884ba8060bca9d7c43726b

    Score
    1/10
    behavioral22behavioral23behavioral24behavioral25

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/set_autostart.sh

    • Size

      933B

    • MD5

      2b9d140710e2f99803ac4f5824dadd2f

    • SHA1

      9dc7da27eadd51d42cd25e8db9c61de27081fece

    • SHA256

      10ca124bf3d30bde44a7efcadf5786dbf78d08e30047ccb03a26ec689b2d2a78

    • SHA512

      667ce06fa8697274883071b5321a5d35c42d2aae1fc9249db267eabda915c98ad5e34642a3b0eee70d43c4fb0f539e418bc8ea119714bf9d43d2096a6477ac0d

    Score
    4/10
    persistence
    behavioral26behavioral27behavioral28behavioral29

    • Target

      USB_Watchdog/USBWatchdog_LINUX/PCWatchdog0201/start_watchdog.sh

    • Size

      577B

    • MD5

      365c6f57fd18107e1ab5b679f43c03db

    • SHA1

      b0c79a12b1121188f4f67bfce3e9a500756596ae

    • SHA256

      76ab9b46582142f8e94f3da806ef6493038e6574b3202d55522e811a23e173cc

    • SHA512

      7d051c205aebf56671b3e0e0eb096d3bff0ba0d06f83a046a9cd600f1228a0fff30d7d1378217aad5d3649955ba9f91f5932b2d850888f0631512a0313f9e5fd

    Score
    4/10
    behavioral30behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

User Execution

1
T1204

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

5
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
4/10

behavioral12

Score
8/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
4/10

behavioral19

Score
6/10

behavioral20

Score
6/10

behavioral21

Score
6/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

persistence
Score
4/10

behavioral27

persistence
Score
4/10

behavioral28

persistence
Score
4/10

behavioral29

persistence
Score
4/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
4/10