elf_plead | 5b5f8c4611510c11d413cb2bef70867e584f003210968f97e0c54e6d37ba8d8d | Triage

Sharing

General

Target

5b5f8c4611510c11d413cb2bef70867e584f003210968f97e0c54e6d37ba8d8d
Size

47KB
Sample

210311-q6xkxrzeze
MD5

0fbb54af3585af0a14a3797580b78468
SHA1

81e5ed2bb26ec3df4492185add7395b1831497d4
SHA256

5b5f8c4611510c11d413cb2bef70867e584f003210968f97e0c54e6d37ba8d8d
SHA512

0356ea088aef49b0d51d601848fdaa11ef76485fd78d3d018713aecbc0e81e2cf20d48b4a26f03247525185a765366c7521330b353534d77a8058e562640f873

Score

10^/10

elf_plead linux

Malware Config

Extracted

Family

elf_plead

C2

mx.msdtc.tw

Attributes

id
0305

rc4.i32

Targets

- Target
  
  5b5f8c4611510c11d413cb2bef70867e584f003210968f97e0c54e6d37ba8d8d
- Size
  
  47KB
- MD5
  
  0fbb54af3585af0a14a3797580b78468
- SHA1
  
  81e5ed2bb26ec3df4492185add7395b1831497d4
- SHA256
  
  5b5f8c4611510c11d413cb2bef70867e584f003210968f97e0c54e6d37ba8d8d
- SHA512
  
  0356ea088aef49b0d51d601848fdaa11ef76485fd78d3d018713aecbc0e81e2cf20d48b4a26f03247525185a765366c7521330b353534d77a8058e562640f873
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1