This malware contains several thing worth to mention:

• persistence via udev rules
  • this technique is not documented in MITRE ATT&CK
• remote access to the victim device
  • the malware calls home and creates reverse shell for the attacker
• hides itself
  • like "rootkit", it filters out strings with its name from the outputs of the system commands (e.g. ls, find)
• code injection to another processes
  • related to scraping credit cards data