bpfdoor | 3681c47beb85bc823002704a999089a827ed59aa5a1ce69076ff50b348b43694 | Triage

Submit
Reports

Overview

overview

Static

static

fe9f3b7451...ked_49

ubuntu-18.04-amd64

Sharing

General

Target

240207-xqcrnsahe9_pw_infected.zip
Size

12KB
Sample

240506-k29vbsac55
MD5

c53aeb830008038d54dc791b4f5c4568
SHA1

75b2da873111f3e0994dd84d16c20b3383e0b435
SHA256

3681c47beb85bc823002704a999089a827ed59aa5a1ce69076ff50b348b43694
SHA512

80bc7ad21fc6b12d54fea1040007acd9ee31c8da917265602a812e2396c161f28802a359692d75f918940f1c66bebd23499f7199f81072e1bd5bd6cfb4ac341f
SSDEEP

384:Wui7DIhQ3IkuRHezXVXTgHZVRz8uoAdPYJFYMVLAxt:WuirIepKVza4P+uKLA/

Score

10^/10

bpfdoor backdoor linux

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fe9f3b7451913f184e1f53b52a03a981dcea5564633cfcb70d01bd0aec8f30a7_unpacked_49

Resource

ubuntu1804-amd64-20240418-en

bpfdoor backdoor

ubuntu-18.04-amd64

3 signatures

1800 seconds

Malware Config

Targets

- Target
  
  fe9f3b7451913f184e1f53b52a03a981dcea5564633cfcb70d01bd0aec8f30a7_unpacked_49
- Size
  
  27KB
- MD5
  
  75d389d0f987a21bf959ca222844516a
- SHA1
  
  ef03b84048193a158ecf1f7033ab0cc8869dd2a5
- SHA256
  
  b83127fbde5074247b81012553de69604365f7c4c378d8bcb54552c81ea85414
- SHA512
  
  96189c8db80c685b56f41a39ca8c319b6306240f10795e758a9812b2923dcc0d40d01551e7127c1e2c74fc6bfb2a3512ae4856040ff01bedd9fb4f22f5dc50a2
- SSDEEP
  
  768:BSD/o+FMXrThYxtXZZTthZbDRSDOfQEd0iFXPRPLd3:O/o+FMXrThYxtjTthZN0iFXPRPh
Score

10^/10

bpfdoor backdoor
- BPFDoor
  BPFDoor is an evasive Linux backdoor attributed to a Chinese threat actor called Red Menshen.
  backdoor bpfdoor
- BPFDoor payload
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bpfdoorbackdoor

© 2018-2024

Terms | Privacy