Analysis

  • max time kernel
    12196s
  • max time network
    125s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    09-04-2021 19:37

General

  • Target

    80b4d47bfbd273f0bcc609dfff4a322575df824149438bdbbe82ba9cd4448dfe

  • Size

    37KB

  • MD5

    818d46c395a65a8b76f2f5afef6381b5

  • SHA1

    ad649dfd942b63dd52be42d6997b0fdf6456d671

  • SHA256

    80b4d47bfbd273f0bcc609dfff4a322575df824149438bdbbe82ba9cd4448dfe

  • SHA512

    eb937788797de46d71b41376c4da5a47e1442f8bd279781f3e7f20d0ee93a2b195b38d87d7c6e6f945a2808ed816a55d5a5e624c185671a7f938b6c1b53ba2dd

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

Processes

  • ./80b4d47bfbd273f0bcc609dfff4a322575df824149438bdbbe82ba9cd4448dfe
    ./80b4d47bfbd273f0bcc609dfff4a322575df824149438bdbbe82ba9cd4448dfe
    • Modifies rc script
    PID:563

Network

MITRE ATT&CK Enterprise v6
