rekoobe | 275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9 | Triage

Sharing

General

Target

275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
Size

84KB
Sample

221203-3sjkwsgb37
MD5

0a35e06f53c17ab1c8e18e7e0c0821d8
SHA1

14fd16e6465b74c5ac4dc895f4c15bccb447af31
SHA256

275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
SHA512

e15391a43ba7aa986138d38530fb77a671ec1aef18a21699700fc0a35bd122207c8f97bc6ae6989a37c4ab629ee980037530c8f1070da5594a9112a02b2589ba
SSDEEP

1536:cgNZiXzc9qrw4NuVRNnUOnhhWcgZOLg2e41E5vqHekyN/1H5xuM8ZcU:clcUrwtFUOnhhWcgELg2vE5vq+xN/1Zq

Score

10^/10

rekoobe linux

Malware Config

Extracted

Family

rekoobe

C2

194.36.191.75:443

Targets

- Target
  
  275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
- Size
  
  84KB
- MD5
  
  0a35e06f53c17ab1c8e18e7e0c0821d8
- SHA1
  
  14fd16e6465b74c5ac4dc895f4c15bccb447af31
- SHA256
  
  275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
- SHA512
  
  e15391a43ba7aa986138d38530fb77a671ec1aef18a21699700fc0a35bd122207c8f97bc6ae6989a37c4ab629ee980037530c8f1070da5594a9112a02b2589ba
- SSDEEP
  
  1536:cgNZiXzc9qrw4NuVRNnUOnhhWcgZOLg2e41E5vqHekyN/1H5xuM8ZcU:clcUrwtFUOnhhWcgELg2vE5vq+xN/1Zq
Score

8^/10
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1