Analysis
-
max time kernel
19833s -
max time network
155s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
-
submitted
25-07-2022 04:19
General
-
Target
ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
-
Size
101KB
-
MD5
75365fdb62e5047f16907f7db3142afb
-
SHA1
edc5cf10aff694010839e8652e0bd08686934ecb
-
SHA256
ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
-
SHA512
de669973feb75d85207b90009d31ad1e951dd92db787b5f8a70ba601fd098587cb2213a9ac69f760f72890d30d5c931e73add6125f8bbdd5a5af83576674a80b
Score
8/10
Malware Config
Signatures
-
Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Modifies rc script 1 TTPs 1 IoCs
Adding/modifying system rc scripts is a common persistence mechanism.
Processes
-
/tmp/ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513/tmp/ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b5131⤵
- Modifies rc script