a9d848b441774a2ab9ab9f79eccb4f878e28294e3a457af7fa0423c20f3d87aa | Triage

Sharing

General

Target

a9d84_sore_shelter_elf
Size

11.3MB
Sample

220811-z6mmxscedl
MD5

639fad542e4efa374e5f9fe0b97706ab
SHA1

9dffe7878b0cf82f52fefde9c05b376420f6bc13
SHA256

a9d848b441774a2ab9ab9f79eccb4f878e28294e3a457af7fa0423c20f3d87aa
SHA512

dd83297f29715b7ed6af79333d1f5b0904bae03fa295239ebc5c71f4ed08ed940d6ecd048dc9d4303824e382eb5c6a053cf619387ecfc8c9f3ad95f2dc71a0c4

Score

5^/10

linux

Malware Config

Targets

- Target
  
  a9d84_sore_shelter_elf
- Size
  
  11.3MB
- MD5
  
  639fad542e4efa374e5f9fe0b97706ab
- SHA1
  
  9dffe7878b0cf82f52fefde9c05b376420f6bc13
- SHA256
  
  a9d848b441774a2ab9ab9f79eccb4f878e28294e3a457af7fa0423c20f3d87aa
- SHA512
  
  dd83297f29715b7ed6af79333d1f5b0904bae03fa295239ebc5c71f4ed08ed940d6ecd048dc9d4303824e382eb5c6a053cf619387ecfc8c9f3ad95f2dc71a0c4
Score

5^/10
- Enumerates kernel/hardware configuration
  Reads contents of /sys virtual filesystem to enumerate system information.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1