72a8ef1cde960d16b75a67e88ced48f0a94da1a93d04919c83b72060a9c27130 | Triage

Analysis

max time kernel
8285s
max time network
124s
platform
linux_amd64
resource
ubuntu-amd64
submitted
23-02-2021 13:09

Sharing

Report Analysis Logs

General

Target

gg
Size

48KB
MD5

b93bc25b8ccbff35ca9f22d09f76d959
SHA1

26f9660da87bea3b2d44c238be57ebbef61b9e34
SHA256

72a8ef1cde960d16b75a67e88ced48f0a94da1a93d04919c83b72060a9c27130
SHA512

80a1289f79d52c1e8fd84d014ce5fdb136b43225f2995696862f1c6a40a6e11b9f0d05725a52878fc46408ff67f77438a954df97ec2eeabbe5d2a754723b8a19

Score

8^/10

Malware Config

Signatures

Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.

Processes:

description ioc

/etc/hosts /etc/hosts
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.

Dynamic Resolution
T1568

Processes:

description ioc

/etc/resolv.conf /etc/resolv.conf

./gg
./gg
1⤵
PID:562

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Replay Monitor

Loading Replay Monitor...