Overview

overview

10

Static

static

10

2b26042b91...fc.elf

ubuntu-18.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2b26042b91b316ac627c937856d8b4fc.elf

  • Size

    1.0MB

  • Sample

    230203-rgqdhsff46

  • MD5

    2b26042b91b316ac627c937856d8b4fc

  • SHA1

    815325a46b8d87ed0e3bb21cc84fff36f6346fd4

  • SHA256

    b16935619829aee2c245cead7a71b59dbe9b7992c313d71c558049fd48833e4e

  • SHA512

    fdc54b7c98cd678a5c2ebbe55a90533005fc26d55e969971c5ebb73a192cb0c10bcbec61ce69fb28221459e533b44556c788b8c361c37fc41b20d145b825b07f

  • SSDEEP

    24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PCroyUkNR9:PhvnhHXuhshNjK8AlGWaoXroyUk

Score
10/10
botnetlinuxpersistence

Malware Config

Targets

    • Target

      2b26042b91b316ac627c937856d8b4fc.elf

    • Size

      1.0MB

    • MD5

      2b26042b91b316ac627c937856d8b4fc

    • SHA1

      815325a46b8d87ed0e3bb21cc84fff36f6346fd4

    • SHA256

      b16935619829aee2c245cead7a71b59dbe9b7992c313d71c558049fd48833e4e

    • SHA512

      fdc54b7c98cd678a5c2ebbe55a90533005fc26d55e969971c5ebb73a192cb0c10bcbec61ce69fb28221459e533b44556c788b8c361c37fc41b20d145b825b07f

    • SSDEEP

      24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PCroyUkNR9:PhvnhHXuhshNjK8AlGWaoXroyUk

    Score
    7/10
    persistence

    • Modifies init.d

      Adds/modifies system service, likely for persistence.

      persistence

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

      persistence

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

2
T1547

Privilege Escalation

Boot or Logon Autostart Execution

2
T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks