2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45

Analysis

max time kernel
12935s
max time network
154s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
submitted
07-05-2022 09:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
Size

85KB
MD5

748d51fd6cccb22ba62d8cbaf462fb7f
SHA1

5c579ae7cffacab534f0e8f3e4be7519fd007fbd
SHA256

2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
SHA512

926d2c27f4d3ae3e07b7653c092dabc64c7bb68ccfd45fb6ea500cf3813bd21257e431414eb8603981ad1687ba0b3b21d9da1808db267737ad1b62a6ad1760e7

Score

8^/10

persistence

Malware Config

Signatures

Modifies hosts file 1 IoCs

Adds to hosts file used for mapping hosts to IP addresses.

description	ioc
/etc/hosts	/etc/hosts

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

T1568

description	ioc
/etc/resolv.conf	/etc/resolv.conf

Modifies rc script 1 TTPs 1 IoCs

Adding/modifying system rc scripts is a common persistence mechanism.

persistence

Boot or Logon Autostart Execution

T1547

description	ioc	Process
/etc/rc.d/rc.local	/etc/rc.d/rc.local	2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45

./2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
./2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
1⤵
- Modifies rc script
PID:581

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

T1568

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads