iptablez | 960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a | Triage

Submit
Reports

Overview

overview

Static

static

fba111160d...b0c1b7

ubuntu-18.04-amd64

Sharing

General

Target

fba111160d27811f538ffcee8eb0c1b7
Size

1.1MB
Sample

231222-vnz33sbden
MD5

fba111160d27811f538ffcee8eb0c1b7
SHA1

629f9828d8f88197e528a49390f478aecdcd1f08
SHA256

960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a
SHA512

43aef2b5ec18cf13757b5ed79f667f5b941d298687215fdf482456be77e093812e91be2471031c88688b88c56d9afee73641d472a404d90d856cadcc66009fe0
SSDEEP

24576:y4mC8Hn1lEI0D8vzV7KDSSOH3DHAAKDiyAVcnFtzAblnvV:rx8Hn1lPvzQRGfx4rAnvV

Score

10^/10

iptablez backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fba111160d27811f538ffcee8eb0c1b7

Resource

ubuntu1804-amd64-20231215-en

iptablez backdoor

ubuntu-18.04-amd64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  fba111160d27811f538ffcee8eb0c1b7
- Size
  
  1.1MB
- MD5
  
  fba111160d27811f538ffcee8eb0c1b7
- SHA1
  
  629f9828d8f88197e528a49390f478aecdcd1f08
- SHA256
  
  960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a
- SHA512
  
  43aef2b5ec18cf13757b5ed79f667f5b941d298687215fdf482456be77e093812e91be2471031c88688b88c56d9afee73641d472a404d90d856cadcc66009fe0
- SSDEEP
  
  24576:y4mC8Hn1lEI0D8vzV7KDSSOH3DHAAKDiyAVcnFtzAblnvV:rx8Hn1lPvzQRGfx4rAnvV
Score

10^/10

iptablez backdoor
- Detected IptabLes/IptabLez backdoor
- IptabLes/IptabLez Backdoor
  Linux RAT/backdoor which has been around since 2014.
  backdoor iptablez
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads CPU attributes
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

iptablezbackdoor

© 2018-2024

Terms | Privacy