General

  • Target

    pty2gmgmusgd

  • Size

    156KB

  • Sample

    220425-3xhjdsdgfq

  • MD5

    97717ad2ff60ac257a5f66634fe06544

  • SHA1

    9845039ea2423177944fb7666595002891ca28e3

  • SHA256

    95d1fca8bea30d9629fdf05e6ba0fc6195eb0a86f99ea021b17cb8823db9d78b

  • SHA512

    1535c1402cce5805feff0373ad74de39d5fd5012ff4c400a1e82074fa9967cdc50e58876ad9f9a2352fcb340e77735abd2f5f3f5fa5dcde254f6abd326577f6e

Malware Config

Targets

    Score
    9/10
    • Writes file to system bin folder

    • Modifies hosts file

      Appends entries to the hosts file, which maps hostnames to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Writes file to user bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
