16230db020a9396b8839d9e0d79f1bcd0472fd96010c4b568482fecbc65ecfb2 | Triage

Sharing

General

Target

da5e5e904e2b1f749ad8d53d53f3ca78
Size

104KB
Sample

231222-sz9qjsheem
MD5

da5e5e904e2b1f749ad8d53d53f3ca78
SHA1

8aa7fef50055f6dd116be62697cce29dfc373051
SHA256

16230db020a9396b8839d9e0d79f1bcd0472fd96010c4b568482fecbc65ecfb2
SHA512

100859703f73a3aa831a7638b92286bc39c2b7ab5f1736ab4d85f53961af05b0d7d08f4f0de88f5272021bc3d4cb94177912e680224bd55db490fe7af4ea2c07
SSDEEP

3072:KpowBPqkVjJWbU1CSPI3YObNo0Fajvyljnvm+DDq+Y3WK:VOPqkVjJWbUdSS+Eyljnvm+DDqN3WK

Score

7^/10

linux

Malware Config

Targets

- Target
  
  da5e5e904e2b1f749ad8d53d53f3ca78
- Size
  
  104KB
- MD5
  
  da5e5e904e2b1f749ad8d53d53f3ca78
- SHA1
  
  8aa7fef50055f6dd116be62697cce29dfc373051
- SHA256
  
  16230db020a9396b8839d9e0d79f1bcd0472fd96010c4b568482fecbc65ecfb2
- SHA512
  
  100859703f73a3aa831a7638b92286bc39c2b7ab5f1736ab4d85f53961af05b0d7d08f4f0de88f5272021bc3d4cb94177912e680224bd55db490fe7af4ea2c07
- SSDEEP
  
  3072:KpowBPqkVjJWbU1CSPI3YObNo0Fajvyljnvm+DDq+Y3WK:VOPqkVjJWbUdSS+Eyljnvm+DDqN3WK
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1