connectback | de32c85d919ae93797a7f70c4ec287372308bf80eb7ebb46b05c1a8626e0427c | Triage

Submit
Reports

Overview

overview

Static

static

all.elf

ubuntu-18.04-amd64

6

Sharing

General

Target

8FD42863508C3E1488B459D7E233AC9554A20237167CDE75C622CDB1F1AE386C.zip
Size

341B
Sample

240502-t3whrscg91
MD5

d99c70146348317bbc882339c7f7d957
SHA1

fe331fe12d9c470b1be151ac836faf2a443762c7
SHA256

de32c85d919ae93797a7f70c4ec287372308bf80eb7ebb46b05c1a8626e0427c
SHA512

6f08ecd6976f9a9320e4576bcbb142900fd4778d1a9719aa2564bd521f1354dfd46a9f5bd99713e0754420a990477c346f0aeb9e6bfcda9c770bf4eb0ca89fa4

Score

10^/10

connectback linux

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

all.elf

Resource

ubuntu1804-amd64-20240226-en

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Extracted

Family

connectback

C2

185.243.115.250:6222

Targets

- Target
  
  all.elf
- Size
  
  250B
- MD5
  
  be0f7ba8c05baadd7c3042f4ec577681
- SHA1
  
  6cd95182ab7ac0352029b934b8e08d264d4001c4
- SHA256
  
  8fd42863508c3e1488b459d7e233ac9554a20237167cde75c622cdb1f1ae386c
- SHA512
  
  0763590b136a03673b4177dee04eff62e2f126c9dc119dd7040d81cae023d174301308c389f81a7da2d5ec4796aaa746c6a909fa100d5a1d5b0bf32ea3950428
Score

6^/10
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy