General

  • Target

    73bbabc65f884f89653a156e432788b5541a169036d364c2d769f6053960351f

  • Size

    84KB

  • Sample

    221203-3r92fsga93

  • MD5

    0cda4f097a9b072f4dd8bf3ac6cf273a

  • SHA1

    d3c4bd3ba3775af039bd30e47ca43ff6ca285297

  • SHA256

    73bbabc65f884f89653a156e432788b5541a169036d364c2d769f6053960351f

  • SHA512

    3a5c659cac487ab55271e9d1fb8857db49af049755c8b3fb1fb91f9321ad01b9dfe2c7e657cd34131df428b5d16fc0af5802403891b1a96a326b4470855f9667

  • SSDEEP

    1536:QahOrhUNuV9NnkqnhhWMC8tOadBvwZoXRUqHekyN/1H5xuM8b/3d:Q5JxkqnhhWMhtOqcoXRUq+xN/1Zx2r3

Score: 10/10

Malware Config

Extracted

Family

rekoobe

C2

118.24.150.172:1234

118.24.150.172:5555

Targets

    Score: 8/10

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control

    Dynamic Resolution (T1568): 1 technique
