General

  • Target

    cca78516c62e1b7cf3c56b665a3537dca6beb54d335c633454b325fd44c4f760

  • Size

    27KB

  • Sample

    230515-n19dysde6t

  • MD5

    b4b92c6cd0ddfc27f38c45cbac0d0f01

  • SHA1

    037d51686f2c5749b78a4a9ce638966aea8798a1

  • SHA256

    cca78516c62e1b7cf3c56b665a3537dca6beb54d335c633454b325fd44c4f760

  • SHA512

    b96173503c265547b7473b5b13822f05c38f71ebfbee78dc75f778d2e63755d26c7bd13f7207163432d38690434c873214e830a3a7217cd4d2f02975e3254b7c

  • SSDEEP

    768:ttDPYOFMXrThYxt+2ZcMyObDRSDfPrgd0iFn79+Rt:bPYOFMXrThYxttcMyOh0iF7gR

Score
10/10

Malware Config

Targets

    • BPFDoor

      BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.

    • BPFDoor payload

    • Reads runtime system information

      Reads data from the /proc virtual filesystem.
