Analysis

  • max time kernel
    5194s
  • max time network
    152s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    18-01-2021 18:34

General

  • Target

    SamPwn

  • Size

    927KB

  • MD5

    ee07542f7dba6a60342424faf92af201

  • SHA1

    966f44a6f36f80f2807fcd7f461aa3d52e77bc81

  • SHA256

    305901aa920493695729132cfd20cbddc9db2cf861071450a646c6a07b4a50f3

  • SHA512

    cf88ac814227e541e5a307b2248d80b7e18f7b070127d4fa10b72780f49f3a955c2342867f004385e36c7dd2032feda18ace0d708d231fa0c91c3ccf5e6fbb1f

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

Processes

  • ./SamPwn
    ./SamPwn
    1⤵
    • Modifies rc script
    PID:562

Network

MITRE ATT&CK Enterprise v6
