Analysis
max time kernel: 30411s
max time network: 155s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-en-20211208, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 25-11-2022 10:10
Static task
static1
General
Target: 55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
Size: 2.1MB
MD5: 17b5c3bbe911c2bfe074b67f9c021939
SHA1: b617d3381a346c4667286397c6cfa8ef1a6f6645
SHA256: 55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
SHA512: 9091b14dd7f4f4fd1c1f8fc6b64bd8cc8bff1bb3b63b2d0089eff0aad3a3d0f3ab276b797a08ce2ecba731233ff2538a17f8662942959ed378ab5ae6198bea83
SSDEEP: 49152:BwMSS60Cy0UBWQlvVwD4SLPiYwaVRKk3tpG+rNg7s45:H1UUcaNur4CB9pG+r38
Malware Config
Signatures
-
Detected phishing page
-
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
-
Modifies hosts file 1 IoCs
Adds to hosts file used for mapping hosts to IP addresses.
Processes:
description | ioc
/etc/hosts | /etc/hosts
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.
Processes:
55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
description | ioc | process
/proc/self/exe | /proc/self/exe | 55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
/proc/sys/net/core/somaxconn | /proc/sys/net/core/somaxconn | 55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
/proc/sys/kernel/hostname | /proc/sys/kernel/hostname | 55c92d64ffa9d170e340e0528dc8ea1fa9be98f91db891869947c5b168a728c8
-
GoLang User-Agent 16 IoCs
Uses default user-agent string defined by GoLang HTTP packages.
Processes:
description | flow | ioc
HTTP User-Agent header | 63815 | Go-http-client/1.1
HTTP User-Agent header | 10600 | Go-http-client/1.1
HTTP User-Agent header | 13366 | Go-http-client/1.1
HTTP User-Agent header | 14160 | Go-http-client/1.1
HTTP User-Agent header | 58039 | Go-http-client/1.1
HTTP User-Agent header | 60346 | Go-http-client/1.1
HTTP User-Agent header | 61859 | Go-http-client/1.1
HTTP User-Agent header | 41952 | Go-http-client/1.1
HTTP User-Agent header | 44263 | Go-http-client/1.1
HTTP User-Agent header | 53720 | Go-http-client/1.1
HTTP User-Agent header | 23635 | Go-http-client/1.1
HTTP User-Agent header | 34931 | Go-http-client/1.1
HTTP User-Agent header | 34960 | Go-http-client/1.1
HTTP User-Agent header | 38331 | Go-http-client/1.1
HTTP User-Agent header | 17880 | Go-http-client/1.1
HTTP User-Agent header | 42030 | Go-http-client/1.1