010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24

Analysis

max time kernel
14377s
max time network
104s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
submitted
24/05/2022, 02:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24
Size

101KB
MD5

4c3ba14d6261eea9f87f25be4ebc9a24
SHA1

c8cc3514e5a54dcf3e2f7d045767b6bb3402b44a
SHA256

010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24
SHA512

0b589118a256cb4a43a17686fc84a75fa4e54a1f58e6b6e3e87916ac9188798678c9b09ce99dc7ca168db03500d1973f9b78a5af9ed5fc36ea1ec0a0b85c3adf

Score

8^/10

persistence

Malware Config

Signatures

Modifies hosts file 1 IoCs

Adds to hosts file used for mapping hosts to IP addresses.

description	ioc
/etc/hosts	/etc/hosts

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

T1568

description	ioc
/etc/resolv.conf	/etc/resolv.conf

Modifies rc script 1 TTPs 1 IoCs

Adding/modifying system rc scripts is a common persistence mechanism.

persistence

Boot or Logon Autostart Execution

T1547

description	ioc	Process
/etc/rc.d/rc.local	/etc/rc.d/rc.local	010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24

./010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24
./010dd6c661e54bc8c64c8762eb120ab04ff35ce325ec54d5b7d449c9c8e00d24
1⤵
- Modifies rc script
PID:576

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

T1568

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads