f72382801e0b77a6f5e7c0c657c7e4257e423ff2dd28b5182cb93885bd121cfa | Triage

Sharing

General

Target

d5705898e9ac4272eabbdc81671ea251.elf
Size

86KB
Sample

230509-ewc1hsga8t
MD5

d5705898e9ac4272eabbdc81671ea251
SHA1

4dbe01fa5642236d7ddd943110454c6be359d976
SHA256

f72382801e0b77a6f5e7c0c657c7e4257e423ff2dd28b5182cb93885bd121cfa
SHA512

f5db16d35a3147cf563605783a0fe9db8a576c429eb91e677c01aeb294cd1772e913f374784081d5f45952a48fbbc3b5e917b1d1f17147258ee999034c7a4dfa
SSDEEP

1536:qvu1gtrMtjWqtgI6kev6mJgyPyp6z7m4fkr6iLHzEPwOHkIpHqJRU:qW1gHqWLDv6gPyu7zCDLHzEPwOEIp

Score

9^/10

discovery linux

Malware Config

Targets

- Target
  
  d5705898e9ac4272eabbdc81671ea251.elf
- Size
  
  86KB
- MD5
  
  d5705898e9ac4272eabbdc81671ea251
- SHA1
  
  4dbe01fa5642236d7ddd943110454c6be359d976
- SHA256
  
  f72382801e0b77a6f5e7c0c657c7e4257e423ff2dd28b5182cb93885bd121cfa
- SHA512
  
  f5db16d35a3147cf563605783a0fe9db8a576c429eb91e677c01aeb294cd1772e913f374784081d5f45952a48fbbc3b5e917b1d1f17147258ee999034c7a4dfa
- SSDEEP
  
  1536:qvu1gtrMtjWqtgI6kev6mJgyPyp6z7m4fkr6iLHzEPwOHkIpHqJRU:qW1gHqWLDv6gPyu7zCDLHzEPwOEIp
Score

9^/10

discovery
- Contacts a large (2846) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1