Overview

overview

10

Static

static

10

ca0e83440b...898766

linux_amd64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766

  • Size

    942KB

  • Sample

    210311-jzy5573b96

  • MD5

    9be7bb0bcd93d46d9d9665666f217ed1

  • SHA1

    d4bc9168836bbbb5ef32c402cb10000136912f34

  • SHA256

    ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766

  • SHA512

    a6bddc5eb7223f38145b615be1b4e8467114d0d6851e7200833a158a18757705731c0ec8f4b137c941070422c206ac3ef6b309b2a25bda0a809eb3971ed062dc

Score
10/10
elf_pleadlinux

Malware Config

Extracted

Family

elf_plead

C2

mx.msdtc.tw

Attributes
  • id

    0305

rc4.i32

Targets

    • Target

      ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766

    • Size

      942KB

    • MD5

      9be7bb0bcd93d46d9d9665666f217ed1

    • SHA1

      d4bc9168836bbbb5ef32c402cb10000136912f34

    • SHA256

      ca0e83440b77eca4d2eda6efd9530b49ffb477f87f36637b5e43f2e428898766

    • SHA512

      a6bddc5eb7223f38145b615be1b4e8467114d0d6851e7200833a158a18757705731c0ec8f4b137c941070422c206ac3ef6b309b2a25bda0a809eb3971ed062dc

    Score
    8/10

    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

1
T1568

Impact

Tasks