2acdc5c966113362906baebd720448324078c9855bc43ad8365c04b8e0064b36 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Linux.Agent.14727.28069.elf
Size

912KB
Sample

240408-rvpn5seg3t
MD5

c4f9285f7b3396fedc9b544ad7ffd8b6
SHA1

7d39a65e46e7c82f9544359410cc6a6d9c0de3a5
SHA256

2acdc5c966113362906baebd720448324078c9855bc43ad8365c04b8e0064b36
SHA512

47c1b2816df3d286430b713331e990efe19500a1c007c246908c42d4c63c0168f60c08dc47878b78f78887fa691140f288a0df681af3b3d07ab7ae46b7897a19
SSDEEP

12288:IwspmaU6XxlWH4dxWk/sGjeQ60tzeBC9myy8bkklOSUZgw3:IwspdXxlWH4dsk/sGje10t6nkkDZgw

Score

6^/10

linux persistence

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.Linux.Agent.14727.28069.elf
- Size
  
  912KB
- MD5
  
  c4f9285f7b3396fedc9b544ad7ffd8b6
- SHA1
  
  7d39a65e46e7c82f9544359410cc6a6d9c0de3a5
- SHA256
  
  2acdc5c966113362906baebd720448324078c9855bc43ad8365c04b8e0064b36
- SHA512
  
  47c1b2816df3d286430b713331e990efe19500a1c007c246908c42d4c63c0168f60c08dc47878b78f78887fa691140f288a0df681af3b3d07ab7ae46b7897a19
- SSDEEP
  
  12288:IwspmaU6XxlWH4dxWk/sGjeQ60tzeBC9myy8bkklOSUZgw3:IwspdXxlWH4dsk/sGje10t6nkkDZgw
Score

6^/10

persistence
- Creates/modifies environment variables
  Creating/modifying environment variables is a common persistence mechanism.
  persistence
- Modifies Bash startup script
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1