Overview

overview

8

Static

static

10

apa.jpg

linux_amd64

8

Resubmissions

30-08-2024 07:51

240830-jp24aavcqq 10

31-03-2022 12:14

220331-pea5psbff2 10

Analysis

  • max time kernel
    9747s
  • max time network
    155s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    31-03-2022 12:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    apa.jpg

  • Size

    53KB

  • MD5

    10ac30ebbed68584400f8ccd814e2a60

  • SHA1

    fc3539a0c7b4f5bcbe22373fe0e81fb613afd270

  • SHA256

    6574b93062974e287a65798dca6f6efd2bc8f8e376baa6efa69ddfc719acf8d9

  • SHA512

    a51563bd3f6639b927d8c3ff53e24551d6a9936b8185305840c8e8cbc05ac3e8a465a7d3a09f915af7b81afec4092c7c4b170589d3b5f954e8ec65e4d11dea18

Score
8/10
persistence

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Modifies rc script 1 TTPs 1 IoCs

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence

Processes

  • ./apa.jpg
    ./apa.jpg
    1⤵
    • Modifies rc script
    PID:577
    • /bin/sh
      sh -c "/usr/bin/chmod +x /etc/rc.d/rc.local"
      2⤵
        PID:578
        • /usr/bin/chmod
          /usr/bin/chmod +x /etc/rc.d/rc.local
          3⤵
            PID:579

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads