bpfdoor | 2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb | Triage

Submit
Reports

Overview

overview

Static

static

2e0aa3da45...db.bin

ubuntu-18.04-amd64

Resubmissions

06-09-2023 00:50

230906-a613wace39 10

02-06-2022 16:49

220602-vb6p4acdhn 10

18-05-2022 18:03

220518-wm78qsfbgl 5

Sharing

General

Target

2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
Size

30KB
Sample

230906-a613wace39
MD5

a4bbcbdb2d65d1b966943f6955c05048
SHA1

68af74718f5eeb824258e69af5a23a3c0f6fb54d
SHA256

2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb
SHA512

4b5d69f3ceb9e2a9311bf08bc3b853dcddf2f33228e31dfaa3c6484dfc4057ba210c1995833bbd26eeea15496623a13e1c895e71e8094707c78ed4b6738274a6
SSDEEP

384:fna1+r7+bTJta9vZxofpCjR1g/CNXyCEAFp0MyV4Eh6kSE0wyktwBZFAND7foVlX:SEPigZxiEXbFyMycctw5AIzrLFo

Score

10^/10

bpfdoor backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin

Resource

ubuntu1804-amd64-20230831-en

bpfdoor backdoor

ubuntu-18.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
- Size
  
  30KB
- MD5
  
  a4bbcbdb2d65d1b966943f6955c05048
- SHA1
  
  68af74718f5eeb824258e69af5a23a3c0f6fb54d
- SHA256
  
  2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb
- SHA512
  
  4b5d69f3ceb9e2a9311bf08bc3b853dcddf2f33228e31dfaa3c6484dfc4057ba210c1995833bbd26eeea15496623a13e1c895e71e8094707c78ed4b6738274a6
- SSDEEP
  
  384:fna1+r7+bTJta9vZxofpCjR1g/CNXyCEAFp0MyV4Eh6kSE0wyktwBZFAND7foVlX:SEPigZxiEXbFyMycctw5AIzrLFo
Score

10^/10

bpfdoor backdoor
- BPFDoor
  BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.
  backdoor bpfdoor
- BPFDoor payload
- Changes its process name
- Creates Raw socket
  Creates a socket that captures raw packets at the device level
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bpfdoorbackdoor

© 2018-2024

Terms | Privacy