Overview

overview

10

Static

static

10

f8184e7527...0c1598

debian-9-mips

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

  • Size

    231KB

  • Sample

    221130-p4j4xaef6y

  • MD5

    883ba03abf873b9f15046c93661a56e5

  • SHA1

    55ccbc98eb2e5b44477b7f5d26da2b750c4f4224

  • SHA256

    f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

  • SHA512

    b5fae4c396d3b0d49fba38947cbb2b7570b17cc8f8bdb75abe9e01fb0aa20b2469e62ba8a40bd4faf1a891ead8fef1d5e808ac52c705d9d5b09c3998467a171c

  • SSDEEP

    3072:T8ueXpv7VglR3RT2+gO2YyYpUqV7JP7H7TtQBE/PSqzkZmTeeIKjcPKPuW:wPzQnOq9nTtJdkZmTeeIKjcPKPuW

Score
10/10
gafgytpersistence

Malware Config

Targets

    • Target

      f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

    • Size

      231KB

    • MD5

      883ba03abf873b9f15046c93661a56e5

    • SHA1

      55ccbc98eb2e5b44477b7f5d26da2b750c4f4224

    • SHA256

      f8184e7527a01572a1c9c380bcdf4c7dffb975e0307a481d536f65e0380c1598

    • SHA512

      b5fae4c396d3b0d49fba38947cbb2b7570b17cc8f8bdb75abe9e01fb0aa20b2469e62ba8a40bd4faf1a891ead8fef1d5e808ac52c705d9d5b09c3998467a171c

    • SSDEEP

      3072:T8ueXpv7VglR3RT2+gO2YyYpUqV7JP7H7TtQBE/PSqzkZmTeeIKjcPKPuW:wPzQnOq9nTtJdkZmTeeIKjcPKPuW

    Score
    7/10
    persistence

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

      persistence

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks