d1233de1ae75c9cbe9ba7c262bdba4c50ef9d9f5dbb951b6ea50df3be9486469 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d388e33bee82d9328b4f13ffaa35336
Size

109KB
Sample

231220-ljkcdsahe9
MD5

9d388e33bee82d9328b4f13ffaa35336
SHA1

3805688da5b20f46b38494d1b192920cb7b4e015
SHA256

d1233de1ae75c9cbe9ba7c262bdba4c50ef9d9f5dbb951b6ea50df3be9486469
SHA512

30ad320ff9bbbc0a3a60c8b9651a8e25afc96322fe72e6b20bd0fca4307e8432fc00c092dc86711496cf18658cff377b8b4a44591a2fb36bc6e4d85f7442def5
SSDEEP

3072:qcEvPxBb5x+qAIvvcZ4pN2xdhQu0FmZ901XGXg9Px:anx9+qFXQq2xdQFmZ901XGXg9Px

Score

7^/10

linux

Malware Config

Targets

- Target
  
  9d388e33bee82d9328b4f13ffaa35336
- Size
  
  109KB
- MD5
  
  9d388e33bee82d9328b4f13ffaa35336
- SHA1
  
  3805688da5b20f46b38494d1b192920cb7b4e015
- SHA256
  
  d1233de1ae75c9cbe9ba7c262bdba4c50ef9d9f5dbb951b6ea50df3be9486469
- SHA512
  
  30ad320ff9bbbc0a3a60c8b9651a8e25afc96322fe72e6b20bd0fca4307e8432fc00c092dc86711496cf18658cff377b8b4a44591a2fb36bc6e4d85f7442def5
- SSDEEP
  
  3072:qcEvPxBb5x+qAIvvcZ4pN2xdhQu0FmZ901XGXg9Px:anx9+qFXQq2xdQFmZ901XGXg9Px
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1