Overview

overview

6

Static

static

1

etc/init.d/dlump

ubuntu-18.04-amd64

etc/init.d/dlump

debian-9-armhf

etc/init.d/dlump

debian-9-mips

etc/init.d/dlump

debian-9-mipsel

etc/rc.d/r...0dlump

ubuntu-18.04-amd64

etc/rc.d/r...0dlump

debian-9-armhf

etc/rc.d/r...0dlump

debian-9-mips

etc/rc.d/r...0dlump

debian-9-mipsel

etc/rc.d/r...0dlump

ubuntu-18.04-amd64

etc/rc.d/r...0dlump

debian-9-armhf

etc/rc.d/r...0dlump

debian-9-mips

etc/rc.d/r...0dlump

debian-9-mipsel

etc/rc.d/r...0dlump

ubuntu-18.04-amd64

etc/rc.d/r...0dlump

debian-9-armhf

etc/rc.d/r...0dlump

debian-9-mips

etc/rc.d/r...0dlump

debian-9-mipsel

etc/rc.d/r...0dlump

ubuntu-18.04-amd64

etc/rc.d/r...0dlump

debian-9-armhf

etc/rc.d/r...0dlump

debian-9-mips

etc/rc.d/r...0dlump

debian-9-mipsel

etc/rc.d/r...0dlump

ubuntu-18.04-amd64

etc/rc.d/r...0dlump

debian-9-armhf

etc/rc.d/r...0dlump

debian-9-mips

etc/rc.d/r...0dlump

debian-9-mipsel

home/www/.Xl1/ccc

ubuntu-22.04-amd64

1

home/www/.Xl1/kde

ubuntu-24.04-amd64

6

home/www/.Xl1/udevd

ubuntu-20.04-amd64

6

home/www/.profile.sh

ubuntu-18.04-amd64

home/www/.profile.sh

debian-9-armhf

home/www/.profile.sh

debian-9-mips

home/www/.profile.sh

debian-9-mipsel

home/www/t...p/a.js

windows7-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CHINA-APT-Trojan.zip

  • Size

    9.6MB

  • Sample

    241121-pj8xjaskfs

  • MD5

    ecc96e25a5700cedaedcbe553142ab80

  • SHA1

    843d6b0054d066845628e2d5db95201b20e12cd2

  • SHA256

    d17a1b1f15b6a8f2d1ef92c81ea0b3d4c95ffe3fc97f4000cb77e8c625ed4e81

  • SHA512

    01bfef39d7277c1995f6e5ea11401201882d5763ad6088c582c5951ed4167fb64e744863fed00965e073acd2d0619e96f7896127ef750fe655475e9207ba9c29

  • SSDEEP

    196608:SEhlwnz+BdrV2qKcTz362WdEhlwnz+BdrV2GKcTz362WT:9lwz+BdhacTT5nlwz+Bdh0cTT5G

Score
6/10
discoveryexecutionlinuxpersistence

Malware Config

Targets

    • Target

      etc/init.d/dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral1behavioral2behavioral3behavioral4

    • Target

      etc/rc.d/rc1.d/S60dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral5behavioral6behavioral7behavioral8

    • Target

      etc/rc.d/rc2.d/S60dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral10behavioral11behavioral12behavioral9

    • Target

      etc/rc.d/rc3.d/S60dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral13behavioral14behavioral15behavioral16

    • Target

      etc/rc.d/rc4.d/S60dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral17behavioral18behavioral19behavioral20

    • Target

      etc/rc.d/rc5.d/S60dlump

    • Size

      30B

    • MD5

      c4be6d26325eaf0454e93f5b2400146a

    • SHA1

      552675a89bd1420dae70b6c27458b754ee55cd01

    • SHA256

      bdd986bd1e3202772113fb79f8885598ea109cfacab9372a70bfca60aad69d65

    • SHA512

      ee29d892ed110027450d6a9a54fc1ab2f6bdebff5f592317e2b62c732ccf2786cc3e16d9c6cb7087ae46b6e81929300be51ce1ddd867bb9b507d1b72d04aa07a

    Score
    1/10
    behavioral21behavioral22behavioral23behavioral24

    • Target

      home/www/.Xl1/ccc

    • Size

      8KB

    • MD5

      5789e8b1a31d7117b05143cec4a85378

    • SHA1

      209c4994a42af7832f526e09238fb55d5aab34e5

    • SHA256

      c26d239f415bec27125862acafdeac267be398bc9208e27f09217dc8ecf64225

    • SHA512

      5ab5798811c6b83e2d85cdb1ad2b6bdbf2981f9381159eb2038203254e3ac8775477792400645e250fcba62598c47c31a82a599e439be057b8f400dd3e278820

    • SSDEEP

      96:GFTxGzOqifdFb+zboSSR+Whu47J2lyIAf7QTa4B2woB9x:GFV0QFKzboS0fCnoF

    Score
    1/10
    behavioral25

    • Target

      home/www/.Xl1/kde

    • Size

      123KB

    • MD5

      87e437cf74ce4b1330b8af9ff71edae2

    • SHA1

      8532eca04c0f58172d80d8a446ae33907d509377

    • SHA256

      1ec286f2194199206e4ce345f1bf322b6b0b4c947b1cf32db59cca2d89370738

    • SHA512

      856a3140d54ec86f8cdac4b35f7a2266c800f75cbbcf075650e75fbc6e5f4e104c231aafecd8658a061439395a1131a5e2f075e1051550117fed6c3db8eb1446

    • SSDEEP

      3072:oKV6YwUaoJwfg+uKsdzUNtklICvOqAXby0:oKwYwUaEwfY+kI3Xu0

    Score
    6/10
    persistence
    behavioral26

    • Target

      home/www/.Xl1/udevd

    • Size

      3.4MB

    • MD5

      1418fe9a743226b9661a2b6decb19db0

    • SHA1

      0ab53321bb9699d354a032259423175c08fec1a4

    • SHA256

      ccf8e4d6e661ceaea598851923bb8b983bd820ffd02448b8245e6ac780977784

    • SHA512

      548cedaa7e100ca49800878a164989fabe101c58d3dea316efe13b368b18e00899664167b533c3556d6e82697677529cbd1e73cdd87aacac87c12363322042a4

    • SSDEEP

      98304:UdgXuBCAPGHGXqiCz6eH+USFUFJYX25Ot:OPmhSWYL

    Score
    6/10
    discoverypersistence
    behavioral27

    • Target

      home/www/.profile.sh

    • Size

      45B

    • MD5

      c6bc4e21447f4d69306d2aa2a4712c0f

    • SHA1

      b6ffbe6b788432215d3ce22a4f6c4a1dbe64721b

    • SHA256

      83a9d271c5d7f7bc8a1582348897674047aeb242c4457274bd241293201303be

    • SHA512

      199f63623155c91777a4a0c4c09160dddedb26b1b3c47a86e0e6a9240422ffd5dfd6babcc00b15a869e292711bf0dd9350d6b95d04b02ecebcfb1d6f9c518f45

    Score
    1/10
    behavioral28behavioral29behavioral30behavioral31

    • Target

      home/www/tomcat/webapps/WEB-INF/attache_temp/a.jsp

    • Size

      2KB

    • MD5

      7e811bb05983460dcacfffa60adaeaaa

    • SHA1

      fd601a54bc622c041df0242662964a7ed31c6b9c

    • SHA256

      d2e1ee14a424bf350d263ff68561e18da88c68db54d02a7f277a70d1a68c75aa

    • SHA512

      9ef0ef2d5a70bd46cf7eb4e66a51ac74c7c3e949a0e75decf74430d4953da5d266f3abbd11a19e3f1e04cb1a854e8d08353179241b2d392301fcd617dc31eb9f

    Score
    3/10
    execution
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

persistence
Score
6/10

behavioral27

discoverypersistence
Score
6/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

execution
Score
3/10