3c817b98ac794f30a7f124c81f1b223ec345d58c68fe8c7dcb9464864d89079b | Triage

Sharing

General

Target

e20948d53fe6d7f4637d3735fd8cf9ca
Size

47KB
Sample

210727-6wlkfvztme
MD5

e20948d53fe6d7f4637d3735fd8cf9ca
SHA1

fe9309cae595b36ec3cac4932ae807c17cd4d0db
SHA256

3c817b98ac794f30a7f124c81f1b223ec345d58c68fe8c7dcb9464864d89079b
SHA512

5d5638065742c668392739761c3f5c3768713528040b6faf42c7eff05566877827e856c83a1576be73fe3089f6ed42a429bc6dcc3f5703f2b5cc33b7c87f253d

Score

7^/10

linux

Malware Config

Targets

- Target
  
  e20948d53fe6d7f4637d3735fd8cf9ca
- Size
  
  47KB
- MD5
  
  e20948d53fe6d7f4637d3735fd8cf9ca
- SHA1
  
  fe9309cae595b36ec3cac4932ae807c17cd4d0db
- SHA256
  
  3c817b98ac794f30a7f124c81f1b223ec345d58c68fe8c7dcb9464864d89079b
- SHA512
  
  5d5638065742c668392739761c3f5c3768713528040b6faf42c7eff05566877827e856c83a1576be73fe3089f6ed42a429bc6dcc3f5703f2b5cc33b7c87f253d
Score

7^/10
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3