Overview

overview

10

Static

static

10

79916343b9...19dc8c

ubuntu-18.04-amd64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79916343b93a5a7ac7b7133a26b77b8d7d0471b3204eae78a8e8091bfe19dc8c

  • Size

    84KB

  • Sample

    221203-3q37hsbh2t

  • MD5

    791dd369c4acf8603a05de1e1dc53e64

  • SHA1

    0cae8afef7e715019ef969b83bc1e4d3a2d531c7

  • SHA256

    79916343b93a5a7ac7b7133a26b77b8d7d0471b3204eae78a8e8091bfe19dc8c

  • SHA512

    61ddc417754fe6cb6518c2a69eeb3367cd46cf53716dbb90aa233a5c35b8467ebfe30d4604099dee623cb17bae42998ea9a98d114ce1a8190eed3757f08aeb41

  • SSDEEP

    1536:QahOrhUNuV9NnkqnhhWMC8tOadBvwZoXRUqHekyN/1H5xuM8b/3d:Q5JxkqnhhWMhtOqcoXRUq+xN/1Zx2r3

Score
10/10
rekoobelinux

Malware Config

Extracted

Family

rekoobe

C2

39.108.128.1:8000

Targets

    • Target

      79916343b93a5a7ac7b7133a26b77b8d7d0471b3204eae78a8e8091bfe19dc8c

    • Size

      84KB

    • MD5

      791dd369c4acf8603a05de1e1dc53e64

    • SHA1

      0cae8afef7e715019ef969b83bc1e4d3a2d531c7

    • SHA256

      79916343b93a5a7ac7b7133a26b77b8d7d0471b3204eae78a8e8091bfe19dc8c

    • SHA512

      61ddc417754fe6cb6518c2a69eeb3367cd46cf53716dbb90aa233a5c35b8467ebfe30d4604099dee623cb17bae42998ea9a98d114ce1a8190eed3757f08aeb41

    • SSDEEP

      1536:QahOrhUNuV9NnkqnhhWMC8tOadBvwZoXRUqHekyN/1H5xuM8b/3d:Q5JxkqnhhWMhtOqcoXRUq+xN/1Zx2r3

    Score
    8/10

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

1
T1568

Impact

Tasks