bpfdoor | f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27 | Triage

Submit
Reports

Overview

overview

Static

static

f8a5e735d6...27.elf

ubuntu-18.04-amd64

7

Sharing

General

Target

f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27.elf
Size

36KB
Sample

221115-qc8tmaea62
MD5

eb9c1fc238d078f49a33442e8adaa73f
SHA1

851d9a438b9bf3e9b0dc65fb2d18d6f3636ad71c
SHA256

f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27
SHA512

5f1a3c260a8cd0f1841396051e1cb7ffe18edf21fb64ec1703d882c019d0f9c8a22df61fb90a3aed006ca74af1e149333f44dae1fec048decc77bc412ba8dc53
SSDEEP

768:EYt/D0oDxSPRmqbDRSDIhpP30iFN2RDMPauudYgeguS:Ei0oDqRmq70iFN2RDRX

Score

10^/10

bpfdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27.elf

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27.elf
- Size
  
  36KB
- MD5
  
  eb9c1fc238d078f49a33442e8adaa73f
- SHA1
  
  851d9a438b9bf3e9b0dc65fb2d18d6f3636ad71c
- SHA256
  
  f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27
- SHA512
  
  5f1a3c260a8cd0f1841396051e1cb7ffe18edf21fb64ec1703d882c019d0f9c8a22df61fb90a3aed006ca74af1e149333f44dae1fec048decc77bc412ba8dc53
- SSDEEP
  
  768:EYt/D0oDxSPRmqbDRSDIhpP30iFN2RDMPauudYgeguS:Ei0oDqRmq70iFN2RDRX
Score

7^/10
- Writes file to shm directory
  Malware can drop malicious files in the shm directory which will run directly from RAM.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy