General

  • Target

    38732f1c1c048dd9148dfef7b778ac964badbd3fc020a0dc0d69743eb976eed7

  • Size

    121KB

  • Sample

    220625-yq98lsaahr

  • MD5

    d54c2dd1fc3b39e27e307646638f67a8

  • SHA1

    4920e97636129aba57dfe8bf6c87c6b4ea3a13e2

  • SHA256

    38732f1c1c048dd9148dfef7b778ac964badbd3fc020a0dc0d69743eb976eed7

  • SHA512

    47ba5107dcafdd58a2f4e1993c4479c11ae6d176d11c586b5b253b372223441d202bf13d45a784708f8e22089e243c9f7e15c204786abf4a02ae8aade9c4b7e3

Targets

    • Target

      38732f1c1c048dd9148dfef7b778ac964badbd3fc020a0dc0d69743eb976eed7

    Score: 8/10
    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.
