2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf

Analysis

max time kernel
0s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
submitted
21-06-2022 20:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf
Size

101KB
MD5

c3548ef75116ddf90775b0cd45cd280d
SHA1

7d98077fb3e044c041f1c9ffa9ca3361135d15a4
SHA256

2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf
SHA512

db33c5ba3454ee2e99e2d5c7e2e1a40fd24c5b74bbef48b45295d193de98af4386aab8bbfbde5a16398cb243eecbb9248949b1e4f54482749e728b865af0667c

Score

7^/10

persistence

Malware Config

Signatures

Modifies rc script 1 TTPs 1 IoCs

Adding/modifying system rc scripts is a common persistence mechanism.

persistence

Boot or Logon Autostart Execution

T1547

description	ioc	Process
/etc/rc.d/rc.local	/etc/rc.d/rc.local	2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf

./2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf
./2f805a8b08777adce9d8a428d6b48f61d5f4c113dbcb9717b9fc4c1411587bdf
1⤵
- Modifies rc script
PID:581

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads