Analysis

  • max time kernel
    6166s
  • max time network
    103s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    17-02-2022 22:08

General

  • Target

    05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4

  • Size

    1005KB

  • MD5

    557a88e83aded0014f7cfb2db586c54b

  • SHA1

    47f104201ffff3b1bc0b0f0d362feecdb1804772

  • SHA256

    05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4

  • SHA512

    b132776905b23dcef930d2dd8c176ba2f25648c10ca4cb8f8061c5465d63eba54153756747241cb28aaf6caef686dcf34aea2c3c858c24211342d0b80d1c4ff4

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

Processes

  • ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
    ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
    1⤵
      PID:593
      • /bin/sh
        sh -c "crontab -l | grep ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4|| (crontab -l ; echo \"* * * * * ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4\") | crontab -"
        2⤵
          PID:594
          • /bin/grep
            grep ./05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
            3⤵
              PID:596
            • /usr/bin/crontab
              crontab -l
              3⤵
                PID:595
              • /usr/bin/crontab
                crontab -
                3⤵
                  PID:598
            • /usr/bin/crontab
              crontab -l
              1⤵
                PID:599

Network

MITRE ATT&CK Enterprise v6
