rekoobe | 3bff2c5bfc24fc99d925126ec6beb95d395a85bc736a395aaf4719c301cbbfd4 | Triage

Sharing

General

Target

3bff2c5bfc24fc99d925126ec6beb95d395a85bc736a395aaf4719c301cbbfd4
Size

81KB
Sample

221203-3p2x3afg98
MD5

35743db3dc333245ef5b69100721ced9
SHA1

fa681933eccc1b3cae4cce6ab6f16db08c2f2a87
SHA256

3bff2c5bfc24fc99d925126ec6beb95d395a85bc736a395aaf4719c301cbbfd4
SHA512

83b1c27459747e9ff14a46b8170e2a22bd751b4acb20489fe6b14801f81b6c3c47dc1990f5dcf8beff445e8f607a6a230d40a53840aa2d5548d2ed2278afc1f4
SSDEEP

1536:mihlrshQNuVhNnUinhhWbCh+Kh0MqHekyN/1H5xuM8gya:mXhFlUinhhWbCh+ohq+xN/1Zx2gy

Score

10^/10

rekoobe linux

Malware Config

Extracted

Family

rekoobe

C2

81.68.143.132:1234

81.68.143.132:8080

Targets

- Target
  
  3bff2c5bfc24fc99d925126ec6beb95d395a85bc736a395aaf4719c301cbbfd4
- Size
  
  81KB
- MD5
  
  35743db3dc333245ef5b69100721ced9
- SHA1
  
  fa681933eccc1b3cae4cce6ab6f16db08c2f2a87
- SHA256
  
  3bff2c5bfc24fc99d925126ec6beb95d395a85bc736a395aaf4719c301cbbfd4
- SHA512
  
  83b1c27459747e9ff14a46b8170e2a22bd751b4acb20489fe6b14801f81b6c3c47dc1990f5dcf8beff445e8f607a6a230d40a53840aa2d5548d2ed2278afc1f4
- SSDEEP
  
  1536:mihlrshQNuVhNnUinhhWbCh+Kh0MqHekyN/1H5xuM8gya:mXhFlUinhhWbCh+ohq+xN/1Zx2gy
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1