Analysis

  • max time kernel
    3587s
  • max time network
    141s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    23-09-2021 00:03

General

  • Target

    chimaera.cc

  • Size

    571KB

  • MD5

    1221631e5fd5628435b6dfef15899fce

  • SHA1

    e79a4a0b67ca563f954ea63ab0b415b3b11037d6

  • SHA256

    fe3c5c4f94b90619f7385606dfb86b6211b030efe19b49c12ead507c8156507a

  • SHA512

    aff1e12c03d58315320c47e4c44dceafea66e688643867febbf1d6ed49f4dbbbf2185059b851dafef76692bfc1b4d6c0cf2f1303b42777832a5e2ffbc2f8fe75

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE IRC Nick change on non-standard port


  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

Processes

  • ./chimaera.cc
    • Modifies rc script
    PID:673

Network

MITRE ATT&CK Enterprise v6
