bpfdoor | c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c | Triage

Submit
Reports

Overview

overview

Static

static

c80bd1c4a7...79b09c

ubuntu-20.04-amd64

Sharing

General

Target

c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c
Size

30KB
Sample

240410-rezt6sad89
MD5

b65d8705c8d30ccc855e0dc48f093591
SHA1

27fc5359c0200cb33b328048d317605c255db6ea
SHA256

c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c
SHA512

feb559ae57b67858b3a98a5e71fe04a4dd18881043ac291263ad6513d542b7c02a307fdcb0d6fd50eaddb34356ac02f346d2c0f19fe39364f239ae4e84236345
SSDEEP

384:lL1X7ng7ou6PJOK8Ik93KRqPuaXhUp/GDUIMmoMyV4Mnmo0iFZZ6nvpm2HQF8YA7:lLtb6yo93Xk/gvMNMy10iFZZAmJBA7

Score

10^/10

bpfdoor backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c

Resource

ubuntu2004-amd64-20240221-en

bpfdoor backdoor

ubuntu-20.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c
- Size
  
  30KB
- MD5
  
  b65d8705c8d30ccc855e0dc48f093591
- SHA1
  
  27fc5359c0200cb33b328048d317605c255db6ea
- SHA256
  
  c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c
- SHA512
  
  feb559ae57b67858b3a98a5e71fe04a4dd18881043ac291263ad6513d542b7c02a307fdcb0d6fd50eaddb34356ac02f346d2c0f19fe39364f239ae4e84236345
- SSDEEP
  
  384:lL1X7ng7ou6PJOK8Ik93KRqPuaXhUp/GDUIMmoMyV4Mnmo0iFZZ6nvpm2HQF8YA7:lLtb6yo93Xk/gvMNMy10iFZZAmJBA7
Score

10^/10

bpfdoor backdoor
- BPFDoor
  BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.
  backdoor bpfdoor
- BPFDoor payload
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bpfdoorbackdoor

© 2018-2024

Terms | Privacy