General

  • Target

    a46c870d1667a3ee31d2ba8969c9024bdb521ae8aad2079b672ce8416d85e8df

  • Size

    101KB

  • Sample

    211002-rqapeseegm

  • MD5

    479b6bc7dfc3b65370c9668e5da6bf0d

  • SHA1

    3b0231ea896db354bd48181054a8f182ce98ed7e

  • SHA256

    a46c870d1667a3ee31d2ba8969c9024bdb521ae8aad2079b672ce8416d85e8df

  • SHA512

    e9b1bec197cd84f8d5d244177c663cc4f5caf3d1a7580c87f32b51ccc01466dec328199f8e71e9d47bc1ca397fa2286773020aed1355930c809eb708cb2f5579

Score
10/10


Targets

    • Target

      a46c870d1667a3ee31d2ba8969c9024bdb521ae8aad2079b672ce8416d85e8df

    • suricata: ET MALWARE IRC Nick change on non-standard port

    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Reads system network configuration

      Uses contents of /proc filesystem to enumerate network settings.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
