Analysis

  • max time kernel
    11553s
  • max time network
    137s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    21-04-2022 10:01

General

  • Target

    x86

  • Size

    52KB

  • MD5

    f09a378e05d1d6467da0f8f6219feeed

  • SHA1

    3ba3d059ab7998dcfc3aa96dac2db068c2eb3893

  • SHA256

    d34acff690e42b6bb4ec5d1a43b2fafac9611a625643fa55926a48cdd0355f77

  • SHA512

    db0636dff9da9388a65e5778bd4a4cd921a069bd621e3aad44e59efe16c54ef750d12652425deb9b3af8f67251475c930af40616f502e3de789164d068f92e8a

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 2 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 2 IoCs

    Writes data to DNS resolver config file.

Processes

  • ./x86
    ./x86
    1⤵
      PID:577
    • /bin/sh
      sh -c "/bin/busybox wget 2>&1"
      1⤵
        PID:593
        • /bin/busybox
          /bin/busybox wget
          2⤵
            PID:594
        • /bin/sh
          sh -c "wget https://urlhaus.abuse.ch/downloads/text_online/ -q"
          1⤵
            PID:597
            • /usr/bin/wget
              wget https://urlhaus.abuse.ch/downloads/text_online/ -q
              2⤵
              • Modifies hosts file
              • Writes DNS configuration
              PID:598
          • /bin/sh
            sh -c "/bin/busybox wget 2>&1"
            1⤵
              PID:607
              • /bin/busybox
                /bin/busybox wget
                2⤵
                  PID:608
              • /bin/sh
                sh -c "wget https://urlhaus.abuse.ch/downloads/text_online/ -q"
                1⤵
                  PID:611
                  • /usr/bin/wget
                    wget https://urlhaus.abuse.ch/downloads/text_online/ -q
                    2⤵
                    • Modifies hosts file
                    • Writes DNS configuration
                    PID:612

Network

MITRE ATT&CK Enterprise v6

Downloads