bpfdoor | 4c5cf8f977fc7c368a8e095700a44be36c8332462c0b1e41bff03238b2bf2a2d | Triage

Submit
Reports

Overview

overview

Static

static

156226c909...80f1f8

ubuntu-18.04-amd64

Sharing

General

Target

156226c90974180cc4b5f9738e80f1f8
Size

27KB
Sample

231230-l564aaedep
MD5

156226c90974180cc4b5f9738e80f1f8
SHA1

ed0cd45c3bb95ef8da214048799395e247040d17
SHA256

4c5cf8f977fc7c368a8e095700a44be36c8332462c0b1e41bff03238b2bf2a2d
SHA512

8915d1e0a42d8981b0260458a1d9769a29d45fcdd35f238caacbe7ffe8b6aa711c56c0b3afc550c0c33c58dc07ed0ba2444457dcc45665cb15d50f07fc9b82b6
SSDEEP

768:vtDPYOFMXrThYxt+2ZcMyObDRSDfPrgd0iFngrJ+et:RPYOFMXrThYxttcMyOh0iFgrMe

Score

10^/10

bpfdoor backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

156226c90974180cc4b5f9738e80f1f8

Resource

ubuntu1804-amd64-20231215-en

bpfdoor backdoor

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  156226c90974180cc4b5f9738e80f1f8
- Size
  
  27KB
- MD5
  
  156226c90974180cc4b5f9738e80f1f8
- SHA1
  
  ed0cd45c3bb95ef8da214048799395e247040d17
- SHA256
  
  4c5cf8f977fc7c368a8e095700a44be36c8332462c0b1e41bff03238b2bf2a2d
- SHA512
  
  8915d1e0a42d8981b0260458a1d9769a29d45fcdd35f238caacbe7ffe8b6aa711c56c0b3afc550c0c33c58dc07ed0ba2444457dcc45665cb15d50f07fc9b82b6
- SSDEEP
  
  768:vtDPYOFMXrThYxt+2ZcMyObDRSDfPrgd0iFngrJ+et:RPYOFMXrThYxttcMyOh0iFgrMe
Score

10^/10

bpfdoor backdoor
- BPFDoor
  BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.
  backdoor bpfdoor
- BPFDoor payload
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bpfdoorbackdoor

© 2018-2024

Terms | Privacy