elf_plead | ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766 | Triage

Sharing

General

Target

ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766
Size

942KB
Sample

210311-jzy5573b96
MD5

9be7bb0bcd93d46d9d9665666f217ed1
SHA1

d4bc9168836bbbb5ef32c402cb10000136912f34
SHA256

ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766
SHA512

a6bddc5eb7223f38145b615be1b4e8467114d0d6851e7200833a158a18757705731c0ec8f4b137c941070422c206ac3ef6b309b2a25bda0a809eb3971ed062dc

Score

10^/10

elf_plead linux

Malware Config

Extracted

Family

elf_plead

C2

mx.msdtc.tw

Attributes

id
0305

rc4.i32

Targets

- Target
  
  ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766
- Size
  
  942KB
- MD5
  
  9be7bb0bcd93d46d9d9665666f217ed1
- SHA1
  
  d4bc9168836bbbb5ef32c402cb10000136912f34
- SHA256
  
  ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766
- SHA512
  
  a6bddc5eb7223f38145b615be1b4e8467114d0d6851e7200833a158a18757705731c0ec8f4b137c941070422c206ac3ef6b309b2a25bda0a809eb3971ed062dc
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1