49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff

Analysis

max time kernel
18778s
max time network
155s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
submitted
14-07-2022 00:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff
Size

101KB
MD5

3ca3ba59a625725655d49e336ca3de93
SHA1

195d8746e246c61548968dd119b4c81a30f57669
SHA256

49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff
SHA512

3f72ed3f6ec8e0f0d88eb8b6109ca32ffc332be05c51874e177ff0633b40658193a7b1bfeeb81bbe1e01e62845da5e95f80ed3f52a428db4df38eccc9b99d56d

Score

7^/10

persistence

Malware Config

Signatures

Modifies rc script 1 TTPs 1 IoCs

Adding/modifying system rc scripts is a common persistence mechanism.

persistence

Boot or Logon Autostart Execution

T1547

description	ioc	Process
/etc/rc.d/rc.local	/etc/rc.d/rc.local	49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff

./49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff
./49306ab9a6151450bbd61f6275a0ebd54bfa797d29556034a49d497e3234b6ff
1⤵
- Modifies rc script
PID:576

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads