General

  • Target

    2bc1855eb4297c28116e412b6705e14a.bin

  • Size

    43KB

  • Sample

    241028-bgxvlatrcv

  • MD5

    da07dbfb8fdd112bb2bd4a8aa055bdaf

  • SHA1

    cb7eaff8e2f9aabb0c343f26c6057baa7a195f2f

  • SHA256

    9cb34a4c41186002a0d523d847cf95c4e099ac6c61a03888ad9e58e303be1d8f

  • SHA512

    646db5a9f28d254f9bca67b1f9657ca301e2186e55caa98c2666569dd6a016ccd1e44bb80cef0e3f8616b39f52f7fbb5a65e184b31797abb855638dd559ba2bf

  • SSDEEP

    768:G/nUB2ss34sdKR9dXdDFDGctqY/wPu4F8CDOdCaBJxA5wvn/hol4mHqHFpc:7YssIso9dtDtbqNuOVwCqJNvnJsHCc

Malware Config

Targets

    • Target

      0d8c3289a2b21abb0d414e2c730d46081e9334a97b5e0b52b9a2f248c59a59ad.elf

    • Size

      99KB

    • MD5

      2bc1855eb4297c28116e412b6705e14a

    • SHA1

      4d8189399c887b335e1d690961e38b806948d9cd

    • SHA256

      0d8c3289a2b21abb0d414e2c730d46081e9334a97b5e0b52b9a2f248c59a59ad

    • SHA512

      1074aa161b94e13c473e8cf23d6bbd6baa531854b4c110b8142ccd8e8296b6a94751e55907f9ed6aff7d1b470676c81ea5754fdfeef14f8829dc9a5e3452d26e

    • SSDEEP

      1536:uo6JSd6vTfjZ0IonWnP4MmBGSBGxJGSnuqMLHRvMNswe+fYgHIRyyR:upP5ld4MaqMjRUKuYRyyR

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Renames itself

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

MITRE ATT&CK Enterprise v15