5a727c0945f1fefe1eed327d4cea24ec20fd8460e21d656578e845f93c6a938c | Triage

Sharing

General

Target

5a727c0945f1fefe1eed327d4cea24ec20fd8460e21d656578e845f93c6a938c
Size

141KB
Sample

220802-d3c4eshac8
MD5

b119b741af80e266cd130692f0e9a383
SHA1

13c09100a92202349d0836f42b1b615ba7488372
SHA256

5a727c0945f1fefe1eed327d4cea24ec20fd8460e21d656578e845f93c6a938c
SHA512

93ec96ce5fd7a3f0f906409d525bd79f4e9de39785a0bf4b2a88b023d086ea3b356df54398f25d3a09f3d17e3328b8acd7bb17a4b409450022258f411cf2d03f

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  5a727c0945f1fefe1eed327d4cea24ec20fd8460e21d656578e845f93c6a938c
- Size
  
  141KB
- MD5
  
  b119b741af80e266cd130692f0e9a383
- SHA1
  
  13c09100a92202349d0836f42b1b615ba7488372
- SHA256
  
  5a727c0945f1fefe1eed327d4cea24ec20fd8460e21d656578e845f93c6a938c
- SHA512
  
  93ec96ce5fd7a3f0f906409d525bd79f4e9de39785a0bf4b2a88b023d086ea3b356df54398f25d3a09f3d17e3328b8acd7bb17a4b409450022258f411cf2d03f
Score

9^/10

discovery
- Contacts a large (37715) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies the Watchdog daemon
  Malware like Mirai modify the Watchdog to prevent it restarting an infected system.
- Writes file to system bin folder
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
- Write file to user bin folder
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Impair Defenses

Credential Access

Discovery

Network Service Scanning

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1