General

  • Target

    48dcbdf9f92f959c6f9a1af52594cd90ab644d28f812e25729d11793581bc5e7

  • Size

    160KB

  • Sample

    220625-da9xpabcbn

  • MD5

    5b7755e24a2f39d098f5699d32ed6b64

  • SHA1

    4fdaf0da1ff2913a13482dbd30c73a4cdd06a8d1

  • SHA256

    48dcbdf9f92f959c6f9a1af52594cd90ab644d28f812e25729d11793581bc5e7

  • SHA512

    43b8a97e394ab998d577e058198b6f7fa6ac9312770ef9cfb2b2e15010de1cca6f05b8993c3a879e301b66e2f86b535fe4ddc548e43c39629cdc6412b3df8c32

Targets

    • Score

      7/10

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
