271410cbed555354dd695ad127aab54b41457ca03b70aa0542efb061e66f84bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09d6dab9b70a74f61c41eaa485b37de9a40c86b6d2eae7413db11b4e6a8256ef.zip
Size

470KB
Sample

230929-xhax4sfb96
MD5

dfeea83fe080cf3416d81b9d3cf39ea4
SHA1

474d036784fb942e7011b5f7dcf54b0fb44db709
SHA256

271410cbed555354dd695ad127aab54b41457ca03b70aa0542efb061e66f84bf
SHA512

c450ce4bf5605b68a6d0ceb83145ce36ddef8136f8f60f8c62ce322ebd07c51b71a055fe63294f64007d2c7b49ae3235bace63df2b5c756430a5b610acdb1b7c
SSDEEP

12288:01Gy/gGdtzmVII3/n5L4aBkC/HHwRwr8DkFXUZ:01B/l7qO8B0aNoRwr8Dd

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  09d6dab9b70a74f61c41eaa485b37de9a40c86b6d2eae7413db11b4e6a8256ef.elf
- Size
  
  1.2MB
- MD5
  
  31e0439e6ef1dd29c0db6d96bac59446
- SHA1
  
  46b02cc186b85e11c3d59790c3a0bfd2ae1f82a5
- SHA256
  
  09d6dab9b70a74f61c41eaa485b37de9a40c86b6d2eae7413db11b4e6a8256ef
- SHA512
  
  f7ec29a41f745dfe1f49187b4df3657c261e547bde7d81d81844e02e16d52c71873f5dfdeb6ff4b6e8790fec39e222841fb7353ec1a5f3db357c2292c90eee3e
- SSDEEP
  
  24576:SBHj9n1SKNk1QbdGfVmNtGtR/2qYeFABKGNPhVc95OTmBrnf4XZnS85weLUo9GO6:SBD9n1SKNk1QbdGfVmNg/lYeFABKG9hC
Score

6^/10

persistence
- Creates/modifies environment variables
  Creating/modifying environment variables is a common persistence mechanism.
  persistence
- Modifies Bash startup script
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1