General

  • Target

    7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c

  • Size

    160KB

  • Sample

    220625-ffrpeahad6

  • MD5

    a3320fa09178947439668a8cd6481ceb

  • SHA1

    e0f9fe0a917f8d4fcc7ccd4381c71b8362eebac0

  • SHA256

    7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c

  • SHA512

    26a0dba6952acd111a92cfd38e77ade7bb2f0caa9275fba849232a5349bf0548aae7920fd752a8404af6217a89172da11293f8d29c230a8f7cb3e74791eef8bc

Targets

    • Target

      7abcb7efd40cd7f71e46f99d102ef9b6654afcaa321e4fd73a7d35cdf5f3318c

    Score: 10/10

    • suricata: ET MALWARE IRC Nick change on non-standard port

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
