1015b9aef1f749dfc31eb33528c4a4169035b6d73542e068b617965d3e948ef2 | Triage

Sharing

General

Target

1015b9aef1f749dfc31eb33528c4a4169035b6d73542e068b617965d3e948ef2.bin
Size

1.0MB
Sample

230228-jnqc4aaa5w
MD5

49883e391077e681878d7128e4dbf757
SHA1

85c121c37f96a9ffae3ee4cd6c9116d5c1c43338
SHA256

1015b9aef1f749dfc31eb33528c4a4169035b6d73542e068b617965d3e948ef2
SHA512

82b78c52bfec3e402a398a192cd41408f11de430186327a4a61013d98f1228d8740ebb1f189806dbda429121de1db860c0676ef207c7230b8b2d864d15002afb
SSDEEP

24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PNroyUkNR9:PhvnhHXuhshNjK8AlGWaoYroyUk

Score

10^/10

botnet linux persistence

Malware Config

Targets

- Target
  
  1015b9aef1f749dfc31eb33528c4a4169035b6d73542e068b617965d3e948ef2.bin
- Size
  
  1.0MB
- MD5
  
  49883e391077e681878d7128e4dbf757
- SHA1
  
  85c121c37f96a9ffae3ee4cd6c9116d5c1c43338
- SHA256
  
  1015b9aef1f749dfc31eb33528c4a4169035b6d73542e068b617965d3e948ef2
- SHA512
  
  82b78c52bfec3e402a398a192cd41408f11de430186327a4a61013d98f1228d8740ebb1f189806dbda429121de1db860c0676ef207c7230b8b2d864d15002afb
- SSDEEP
  
  24576:RsqZhvnhHXuhshNjm3Bp6gDgR16lwzBWa4wwS49TrHg29XE/PNroyUkNR9:PhvnhHXuhshNjK8AlGWaoYroyUk
Score

7^/10

persistence
- Modifies init.d
  Adds/modifies system service, likely for persistence.
  persistence
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1