General

  • Target

    12da05beef9e09a47dd290e64d46d99e

  • Size

    83KB

  • Sample

    220512-hfreradefq

  • MD5

    12da05beef9e09a47dd290e64d46d99e

  • SHA1

    d6e4a7bc336c7479129cc58cad5bd1e78471b225

  • SHA256

    255dc7b1fc8ad08bbc98a54fa02d1294ad70620f4d492471eab461f623a2855d

  • SHA512

    87a0f79513504b3e0a9c0a1c28f8d0a9d69cd4ebe1eaf97a823671769efe36bd00a3fd9e247c53a1818c926eb5b825b0f8a191ea9898ed67b8bc938bd9a6813b

Score
10/10

Targets

    • Target

      12da05beef9e09a47dd290e64d46d99e

    • Size

      83KB

    • MD5

      12da05beef9e09a47dd290e64d46d99e

    • SHA1

      d6e4a7bc336c7479129cc58cad5bd1e78471b225

    • SHA256

      255dc7b1fc8ad08bbc98a54fa02d1294ad70620f4d492471eab461f623a2855d

    • SHA512

      87a0f79513504b3e0a9c0a1c28f8d0a9d69cd4ebe1eaf97a823671769efe36bd00a3fd9e247c53a1818c926eb5b825b0f8a191ea9898ed67b8bc938bd9a6813b

    Score
    7/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
