xzutil | 13d2a7961d5b7142cc4666f1997b0738d3bc4df904814febfed5c68c29e485d4 | Triage

Submit
Reports

Overview

overview

Static

static

1

payload

ubuntu-18.04-amd64

Resubmissions

05-04-2024 09:57

240405-ly3ghsha5v 10

Sharing

General

Target

payload
Size

7.0MB
Sample

240405-ly3ghsha5v
MD5

e1584b5eb8b0a1a6cb3d6da74e4d2074
SHA1

0d4f48bf2345299872b7dae1fc1b88bb15a03880
SHA256

13d2a7961d5b7142cc4666f1997b0738d3bc4df904814febfed5c68c29e485d4
SHA512

7ded777e85b308d5ab6b7a4ec75d21a683699117940803671bcaff44920f7cf3a4eafaa2088bbe88838a81af7bd1c5d8155aa5b4fb7f6e6cf0e466c74f5febbd
SSDEEP

196608:zrHvQtMPrw4oh6Uoc5TuWnS1pYqq1T62rFJ8aCXx:HHItYfYVEWnS1pnoTPrFJ8aCX

Score

10^/10

xzutil backdoor linux

Static task

static1

Behavioral task

behavioral1

Sample

payload

Resource

ubuntu1804-amd64-20240226-en

xzutil backdoor

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  payload
- Size
  
  7.0MB
- MD5
  
  e1584b5eb8b0a1a6cb3d6da74e4d2074
- SHA1
  
  0d4f48bf2345299872b7dae1fc1b88bb15a03880
- SHA256
  
  13d2a7961d5b7142cc4666f1997b0738d3bc4df904814febfed5c68c29e485d4
- SHA512
  
  7ded777e85b308d5ab6b7a4ec75d21a683699117940803671bcaff44920f7cf3a4eafaa2088bbe88838a81af7bd1c5d8155aa5b4fb7f6e6cf0e466c74f5febbd
- SSDEEP
  
  196608:zrHvQtMPrw4oh6Uoc5TuWnS1pYqq1T62rFJ8aCXx:HHItYfYVEWnS1pnoTPrFJ8aCX
Score

10^/10

xzutil backdoor
- XZUtil is a linux backdoor releated to the CVE-2024-3094.
  backdoor
- XZutil
  XZutil is a linux backdoor written in C++.
  backdoor xzutil
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy