0e9681a3e1bc63117b1b8f18e32d1c5cf7df6e74846af8eb764c81532c5e9aaa | Triage

Sharing

General

Target

0e9681a3e1bc63117b1b8f18e32d1c5cf7df6e74846af8eb764c81532c5e9aaa
Size

41KB
Sample

210721-kwvlcw3zzj
MD5

d23eaad9238c7e66236f9089b5c4092e
SHA1

4da61ff9fcebfac54d27c78f870c6865a058d0a5
SHA256

0e9681a3e1bc63117b1b8f18e32d1c5cf7df6e74846af8eb764c81532c5e9aaa
SHA512

c1e318c7becebd9b59ec4d826f43e58b613e3853b873f6294c23870adca80cad72edc43661b1aae8856f7045cb8c9195584bb459eef73d2c620dc45a7ca325a7

Score

7^/10

linux

Malware Config

Targets

- Target
  
  0e9681a3e1bc63117b1b8f18e32d1c5cf7df6e74846af8eb764c81532c5e9aaa
- Size
  
  41KB
- MD5
  
  d23eaad9238c7e66236f9089b5c4092e
- SHA1
  
  4da61ff9fcebfac54d27c78f870c6865a058d0a5
- SHA256
  
  0e9681a3e1bc63117b1b8f18e32d1c5cf7df6e74846af8eb764c81532c5e9aaa
- SHA512
  
  c1e318c7becebd9b59ec4d826f43e58b613e3853b873f6294c23870adca80cad72edc43661b1aae8856f7045cb8c9195584bb459eef73d2c620dc45a7ca325a7
Score

7^/10
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1