55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8 | Triage

Submit
Reports

Overview

overview

Static

static

55c92d64ff...a728c8

ubuntu-18.04-amd64

Sharing

General

Target

55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
Size

2.1MB
Sample

221125-l7snnsdc6s
MD5

17b5c3bbe911c2bfe074b67f9c021939
SHA1

b617d3381a346c4667286397c6cfa8ef1a6f6645
SHA256

55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
SHA512

9091b14dd7f4f4fd1c1f8fc6b64bd8cc8bff1bb3b63b2d0089eff0aad3a3d0f3ab276b797a08ce2ecba731233ff2538a17f8662942959ed378ab5ae6198bea83
SSDEEP

49152:BwMSS60Cy0UBWQlvVwD4SLPiYwaVRKk3tpG+rNg7s45:H1UUcaNur4CB9pG+r38

Score

10^/10

royalmail discovery linux phishing

Static task

static1

Behavioral task

behavioral1

Sample

55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8

Resource

ubuntu1804-amd64-en-20211208

royalmail discovery phishing

ubuntu-18.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
- Size
  
  2.1MB
- MD5
  
  17b5c3bbe911c2bfe074b67f9c021939
- SHA1
  
  b617d3381a346c4667286397c6cfa8ef1a6f6645
- SHA256
  
  55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
- SHA512
  
  9091b14dd7f4f4fd1c1f8fc6b64bd8cc8bff1bb3b63b2d0089eff0aad3a3d0f3ab276b797a08ce2ecba731233ff2538a17f8662942959ed378ab5ae6198bea83
- SSDEEP
  
  49152:BwMSS60Cy0UBWQlvVwD4SLPiYwaVRKk3tpG+rNg7s45:H1UUcaNur4CB9pG+r38
Score

10^/10

royalmail discovery phishing
- Detected phishing page
  phishing
- Detected royalmail phishing page
  phishing royalmail
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1

royalmaildiscoveryphishing

© 2018-2024

Terms | Privacy