3e5aa51a91bc1c7a78283a283b30fd4b47e24dff1a6e034b1b272c0a4b2a1181 | Triage

Sharing

General

Target

3e5aa51a91bc1c7a78283a283b30fd4b47e24dff1a6e034b1b272c0a4b2a1181
Size

49KB
Sample

230328-m8ec4saf28
MD5

ac4bec1d64d81416e4a59640e4c0677f
SHA1

c2d84eab6c35e64e934d9842902311014d922182
SHA256

3e5aa51a91bc1c7a78283a283b30fd4b47e24dff1a6e034b1b272c0a4b2a1181
SHA512

d400581bf5783555f1e4f33cb3d9923df24688c03d750ffbc492b2171a2c59a5166a7f10bdfe72b818ed19ab8bf6cfbdf2c8903f9c03f5e0f2a6f822725f631d
SSDEEP

768:AR5w0Fl0wa6kZnb8nVgM9sftyuuZUNCiP7y/:whFl076anAVN9s17fNCiy/

Score

7^/10

linux

Malware Config

Targets

- Target
  
  3e5aa51a91bc1c7a78283a283b30fd4b47e24dff1a6e034b1b272c0a4b2a1181
- Size
  
  49KB
- MD5
  
  ac4bec1d64d81416e4a59640e4c0677f
- SHA1
  
  c2d84eab6c35e64e934d9842902311014d922182
- SHA256
  
  3e5aa51a91bc1c7a78283a283b30fd4b47e24dff1a6e034b1b272c0a4b2a1181
- SHA512
  
  d400581bf5783555f1e4f33cb3d9923df24688c03d750ffbc492b2171a2c59a5166a7f10bdfe72b818ed19ab8bf6cfbdf2c8903f9c03f5e0f2a6f822725f631d
- SSDEEP
  
  768:AR5w0Fl0wa6kZnb8nVgM9sftyuuZUNCiP7y/:whFl076anAVN9s17fNCiy/
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1