Analysis
max time kernel: 6166s
max time network: 103s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
submitted: 17-02-2022 22:08
Static task: static1
Behavioral task: behavioral1
Sample: 05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
Resource: ubuntu1804-amd64-en-20211208
0 signatures
0 seconds
General
Target: 05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
Size: 1005KB
MD5: 557a88e83aded0014f7cfb2db586c54b
SHA1: 47f104201ffff3b1bc0b0f0d362feecdb1804772
SHA256: 05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
SHA512: b132776905b23dcef930d2dd8c176ba2f25648c10ca4cb8f8061c5465d63eba54153756747241cb28aaf6caef686dcf34aea2c3c858c24211342d0b80d1c4ff4
Score: 8/10
Malware Config
Signatures
Modifies hosts file (1 IoCs)
Adds to hosts file used for mapping hosts to IP addresses.
Processes:
description ioc /etc/hosts /etc/hosts
Writes DNS configuration (1 TTPs, 1 IoCs)
Writes data to DNS resolver config file.
Processes
./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4 ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4 1⤵ PID:593
/bin/sh sh -c "crontab -l | grep ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4|| (crontab -l ; echo \"* * * * * ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4\") | crontab -" 2⤵ PID:594
/bin/grep grep ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4 3⤵ PID:596
/usr/bin/crontab crontab -l 3⤵ PID:595
/usr/bin/crontab crontab - 3⤵ PID:598
/usr/bin/crontab crontab -l 1⤵ PID:599