rekoobe | 7440a7b56d3670d4204a57974fa76ae76ca78168bb181640f565976d192cc159 | Triage

Resubmissions

24-11-2022 16:13

221124-tpb7zahh7v 10

03-11-2022 10:02

221103-l2srgshab5 8

11-09-2022 15:18

220911-spk97sfegr 8

Sharing

General

Target

adyagent.elf
Size

81KB
Sample

221124-tpb7zahh7v
MD5

905c2158fadfe31850766f010e149a0f
SHA1

4d4bc836641840ad8b0873b07d31ce38732c4a28
SHA256

7440a7b56d3670d4204a57974fa76ae76ca78168bb181640f565976d192cc159
SHA512

6516fcf27e7fa4fd51f026bcfed02c08be4ae5ff9c96ee614d8e790b5f63daf5e5d79cedea73fbe7df5ead19a683c9923c0dd93d3709b8d4a55251d766ca6b9b
SSDEEP

1536:mihlrshQNuVhNnUinhhWbCh+Kh0MqHekyN/1H5xuM8gya:mXhFlUinhhWbCh+ohq+xN/1Zx2gy

Score

10^/10

rekoobe linux

Malware Config

Extracted

Family

rekoobe

C2

43.140.251.218:8080

Targets

- Target
  
  adyagent.elf
- Size
  
  81KB
- MD5
  
  905c2158fadfe31850766f010e149a0f
- SHA1
  
  4d4bc836641840ad8b0873b07d31ce38732c4a28
- SHA256
  
  7440a7b56d3670d4204a57974fa76ae76ca78168bb181640f565976d192cc159
- SHA512
  
  6516fcf27e7fa4fd51f026bcfed02c08be4ae5ff9c96ee614d8e790b5f63daf5e5d79cedea73fbe7df5ead19a683c9923c0dd93d3709b8d4a55251d766ca6b9b
- SSDEEP
  
  1536:mihlrshQNuVhNnUinhhWbCh+Kh0MqHekyN/1H5xuM8gya:mXhFlUinhhWbCh+ohq+xN/1Zx2gy
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1