General

  • Target

    8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278

  • Size

    240KB

  • Sample

    220724-2m9z8abeej

  • MD5

    f3d3ba9da9123d200fe6627d970838cd

  • SHA1

    c780af224fc7c82524c1fa6c9392d2805a631436

  • SHA256

    8b5d6d9d1094279f089ce549a77ac041aa87654b862ce24f7e17b84bdcf89278

  • SHA512

    21bf1baa84b5470c45185bb0511b1669664d43d90b2dd61df401889b3ca08933013a7da8b445808ad2e4624d1b9de58b893ff97edef13691b919ae33d72e742c

Score
10/10

Malware Config

Targets

    Score
    7/10
    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Boot or Logon Autostart Execution (T1547): 1

Privilege Escalation

  • Boot or Logon Autostart Execution (T1547): 1

Discovery

  • System Network Configuration Discovery (T1016): 2

Tasks