Modifies init.d

Adds/modifies system service, likely for persistence.

Modifies rc script

Adding/modifying system rc scripts is a common persistence mechanism.

Write file to user bin folder

Creates .desktop file

Linux desktops like GNOME require .desktop files to register applications. Sometimes abused by malware for persistence.

Enumerates kernel/hardware configuration

Reads contents of /sys virtual filesystem to enumerate system information.

Reads runtime system information

Reads data from /proc virtual filesystem.

Writes file to tmp directory

Malware often drops required files in the /tmp directory.