Analysis
-
max time kernel
14460s -
max time network
153s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
submitted
25-05-2022 01:20
General
-
Target
0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
-
Size
47KB
-
MD5
d6b2df486692cbf7e088a245e5bb7aea
-
SHA1
351f1bd5b513ba5fef228c9bd3f3d36391a42038
-
SHA256
0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
-
SHA512
8746355ddba21ae88e179b4ba59e8350b85a54404326af8cbe598c8ad7576b2dd173f46b171c01310424717cc66aa4da5a4e3ad75e67c382c8fadf79f7df29f7
Score
7/10
Malware Config
Signatures
-
Modifies rc script 1 TTPs 1 IoCs
Adding/modifying system rc scripts is a common persistence mechanism.
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
./0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe./0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe1⤵
- Modifies rc script