Overview

overview

10

Static

static

10

42a60f927d...4d9134

linux_mips

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

  • Size

    239KB

  • Sample

    220708-b9762aeec8

  • MD5

    5d0a617053c8653fdfe2dccc12ee4d9f

  • SHA1

    78725be873d3797aa1220c101391f2bef7758fe8

  • SHA256

    42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

  • SHA512

    ae733c0c804900b87a277952e06f9d5cdc4448453ceebcb500855d4f07720618b4b8c621a5a4e34f581bfabd9913afd1df47fb18f12faba99db169d0b6015491

Score
10/10
kaitenlinuxpersistence

Malware Config

Targets

    • Target

      42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

    • Size

      239KB

    • MD5

      5d0a617053c8653fdfe2dccc12ee4d9f

    • SHA1

      78725be873d3797aa1220c101391f2bef7758fe8

    • SHA256

      42a60f927d0828417fcadd004dcb716f1b3db0a1754c3173dd38ee18bf4d9134

    • SHA512

      ae733c0c804900b87a277952e06f9d5cdc4448453ceebcb500855d4f07720618b4b8c621a5a4e34f581bfabd9913afd1df47fb18f12faba99db169d0b6015491

    Score
    8/10
    persistence

    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

      persistence

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks