iptablez | 960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a | Triage

Submit
Reports

Overview

overview

Static

static

fba111160d...b0c1b7

ubuntu-18.04-amd64

Sharing

General

Target

fba111160d27811f538ffcee8eb0c1b7
Size

1.1MB
Sample

231222-vnz33sbden
MD5

fba111160d27811f538ffcee8eb0c1b7
SHA1

629f9828d8f88197e528a49390f478aecdcd1f08
SHA256

960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a
SHA512

43aef2b5ec18cf13757b5ed79f667f5b941d298687215fdf482456be77e093812e91be2471031c88688b88c56d9afee73641d472a404d90d856cadcc66009fe0
SSDEEP

24576:y4mC8Hn1lEI0D8vzV7KDSSOH3DHAAKDiyAVcnFtzAblnvV:rx8Hn1lPvzQRGfx4rAnvV

Score

10^/10

iptablez backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fba111160d27811f538ffcee8eb0c1b7

Resource

ubuntu1804-amd64-20231215-en

iptablez backdoor

ubuntu-18.04-amd64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  fba111160d27811f538ffcee8eb0c1b7
- Size
  
  1.1MB
- MD5
  
  fba111160d27811f538ffcee8eb0c1b7
- SHA1
  
  629f9828d8f88197e528a49390f478aecdcd1f08
- SHA256
  
  960cb322998f273c7c30ea05f58284a5bf749dc32240d1ecbe533b091148a44a
- SHA512
  
  43aef2b5ec18cf13757b5ed79f667f5b941d298687215fdf482456be77e093812e91be2471031c88688b88c56d9afee73641d472a404d90d856cadcc66009fe0
- SSDEEP
  
  24576:y4mC8Hn1lEI0D8vzV7KDSSOH3DHAAKDiyAVcnFtzAblnvV:rx8Hn1lPvzQRGfx4rAnvV
Score

10^/10

iptablez backdoor
- Detected IptabLes/IptabLez backdoor
- IptabLes/IptabLez Backdoor
  Linux RAT/backdoor which has been around since 2014.
  backdoor iptablez
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Reads CPU attributes
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

iptablezbackdoor

© 2018-2024

Terms | Privacy