Extracted

• • Target

    fabd6308a61a5991c5da0945256ceee26cc88b5e839e41dc02444bdafe485667.elf

  • Size

    135KB

  • MD5

    bae707d3b1c351126c597d6758a4cffe

  • SHA1

    96bd39a7e0b1f08c29a8c739af86a371b54e22a3

  • SHA256

    fabd6308a61a5991c5da0945256ceee26cc88b5e839e41dc02444bdafe485667

  • SHA512

    1dfe52fef9d30f628c4e7a9ab4480ad78a102bf0251f543095823023330d58def3ba7c9f372f5a195f563bebed9b8921050f23dd9a932a5b4da5142d8a2e962a

  • SSDEEP

    3072:EHHyPnuTxmxpjcVhyofAWuvm5ReFfgK4iOtQlQ+135hwP/TJo1m6QNdNpHOe:wHyBvgwEtQlQC35hwP/Ti1m6QNdLHOe

  Score

  7^/10

  defense_evasiondiscovery

  • Deletes Audit logs

    Deletes logs related to the Linux Audit framework.

    defense_evasion

  • Deletes itself

  • Deletes system logs

    Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.

    defense_evasion

  • Flushes firewall rules

    Flushes/ disables firewall rules inside the Linux kernel.

    defense_evasion

  • Writes DNS configuration

    Writes data to DNS resolver config file.

  • Deletes log files

    Deletes log files on the system.

    defense_evasion

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads system routing table

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  behavioral1