ad2d2ae296c85792794bdf2d77efa5f56d07846f091037661392c697febaebb8 | Triage

Resubmissions

05-09-2022 20:19

220905-y379saefbn 8

20-08-2022 07:53

220820-jqy31sghcj 8

Sharing

General

Target

262319f550cc09ccd489f1caf254e54b
Size

10.4MB
Sample

220905-y379saefbn
MD5

262319f550cc09ccd489f1caf254e54b
SHA1

243b1043c72ce76aaefa1c84b39b00778ae1b53f
SHA256

ad2d2ae296c85792794bdf2d77efa5f56d07846f091037661392c697febaebb8
SHA512

25ab2141d01c8a8bf3733b2fdf8192ada477a4e8f9c6b53052c3d4daf9bcc70f9f761156a2af309568cc5a9fa77b2a3bd1ace3b3720540bdae2e1b770f7c6db7
SSDEEP

196608:muJHGbszcH24xALq0DVW6vVSitrdoYvq8z+byKpVcGJ/daQbhcyJpHqebEM:hJHAPfA7VSSoYS8zBKpSGJlaKJFzbEM

Score

8^/10

linux

Malware Config

Targets

- Target
  
  262319f550cc09ccd489f1caf254e54b
- Size
  
  10.4MB
- MD5
  
  262319f550cc09ccd489f1caf254e54b
- SHA1
  
  243b1043c72ce76aaefa1c84b39b00778ae1b53f
- SHA256
  
  ad2d2ae296c85792794bdf2d77efa5f56d07846f091037661392c697febaebb8
- SHA512
  
  25ab2141d01c8a8bf3733b2fdf8192ada477a4e8f9c6b53052c3d4daf9bcc70f9f761156a2af309568cc5a9fa77b2a3bd1ace3b3720540bdae2e1b770f7c6db7
- SSDEEP
  
  196608:muJHGbszcH24xALq0DVW6vVSitrdoYvq8z+byKpVcGJ/daQbhcyJpHqebEM:hJHAPfA7VSSoYS8zBKpSGJlaKJFzbEM
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads CPU attributes
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1