connectback | de32c85d919ae93797a7f70c4ec287372308bf80eb7ebb46b05c1a8626e0427c | Triage

Submit
Reports

Overview

overview

Static

static

all.elf

ubuntu-18.04-amd64

6

Sharing

General

Target

8FD42863508C3E1488B459D7E233AC9554A20237167CDE75C622CDB1F1AE386C.zip
Size

341B
Sample

240502-t3whrscg91
MD5

d99c70146348317bbc882339c7f7d957
SHA1

fe331fe12d9c470b1be151ac836faf2a443762c7
SHA256

de32c85d919ae93797a7f70c4ec287372308bf80eb7ebb46b05c1a8626e0427c
SHA512

6f08ecd6976f9a9320e4576bcbb142900fd4778d1a9719aa2564bd521f1354dfd46a9f5bd99713e0754420a990477c346f0aeb9e6bfcda9c770bf4eb0ca89fa4

Score

10^/10

connectback linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

all.elf

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Extracted

Family

connectback

C2

185.243.115.250:6222

Targets

- Target
  
  all.elf
- Size
  
  250B
- MD5
  
  be0f7ba8c05baadd7c3042f4ec577681
- SHA1
  
  6cd95182ab7ac0352029b934b8e08d264d4001c4
- SHA256
  
  8fd42863508c3e1488b459d7e233ac9554a20237167cde75c622cdb1f1ae386c
- SHA512
  
  0763590b136a03673b4177dee04eff62e2f126c9dc119dd7040d81cae023d174301308c389f81a7da2d5ec4796aaa746c6a909fa100d5a1d5b0bf32ea3950428
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy