bpfdoor | c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276 | Triage

Submit
Reports

Overview

overview

Static

static

c796fc66b6...f91276

ubuntu-18.04-amd64

Sharing

General

Target

c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276
Size

22KB
Sample

240410-relmjsde7t
MD5

87223f2a9c3a65be7545f25f95e10ece
SHA1

92439c3c736a0554883118ecfe082b27aa6c9143
SHA256

c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276
SHA512

eeeb9522294c9785074cd318118e43db13b165a242460bfeae34047b89eece3bf8cd128afb11c6440cb9d7845d6ba14c814bf9a477caffe7167d3a5c5e427c21
SSDEEP

384:Vmdt5D0ogBSoafTZKuZkBAzspIbMCfZSDFM6HlYGxhq0iFEcTGWYSVs:VYt5D0ozZfIabDRSD2wlYgq0iFkSO

Score

10^/10

bpfdoor backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276

Resource

ubuntu1804-amd64-20240226-en

bpfdoor backdoor

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276
- Size
  
  22KB
- MD5
  
  87223f2a9c3a65be7545f25f95e10ece
- SHA1
  
  92439c3c736a0554883118ecfe082b27aa6c9143
- SHA256
  
  c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276
- SHA512
  
  eeeb9522294c9785074cd318118e43db13b165a242460bfeae34047b89eece3bf8cd128afb11c6440cb9d7845d6ba14c814bf9a477caffe7167d3a5c5e427c21
- SSDEEP
  
  384:Vmdt5D0ogBSoafTZKuZkBAzspIbMCfZSDFM6HlYGxhq0iFEcTGWYSVs:VYt5D0ozZfIabDRSD2wlYgq0iFkSO
Score

10^/10

bpfdoor backdoor
- BPFDoor
  BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.
  backdoor bpfdoor
- BPFDoor payload
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bpfdoorbackdoor

© 2018-2024

Terms | Privacy