Overview

overview

8

Static

static

2e8993612c...229e2c

ubuntu-18.04-amd64

8

2e8993612c...229e2c

debian-9-armhf

8

2e8993612c...229e2c

debian-9-mips

8

2e8993612c...229e2c

debian-9-mipsel

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e8993612ccbfb6566bca23dfa11473cc685380405da06030e18e8d00c229e2c

  • Size

    37KB

  • Sample

    221128-xxpptaea7v

  • MD5

    58eedfa5708736099dfaec1a9cd63792

  • SHA1

    25f6ac413637644c4d65ad1e2f3d5abbf2b70bad

  • SHA256

    2e8993612ccbfb6566bca23dfa11473cc685380405da06030e18e8d00c229e2c

  • SHA512

    57840c276b05af10924dc7ded26981663e0b31a89c0e63f19835de1f094191091196fd4bfb42b5b14cd443d3739de31995cb53686f8888576e058a3d79afb66d

  • SSDEEP

    384:w4NqqoC/XZIEe4Xz2Ye6/mBPOes4zFftyLjXJaujtBBifvzM5re2Mb:D1IEe4Xz2YeGmBPZ1fKLNOgI

Score
8/10
discoverylinux

Malware Config

Targets

    • Target

      2e8993612ccbfb6566bca23dfa11473cc685380405da06030e18e8d00c229e2c

    • Size

      37KB

    • MD5

      58eedfa5708736099dfaec1a9cd63792

    • SHA1

      25f6ac413637644c4d65ad1e2f3d5abbf2b70bad

    • SHA256

      2e8993612ccbfb6566bca23dfa11473cc685380405da06030e18e8d00c229e2c

    • SHA512

      57840c276b05af10924dc7ded26981663e0b31a89c0e63f19835de1f094191091196fd4bfb42b5b14cd443d3739de31995cb53686f8888576e058a3d79afb66d

    • SSDEEP

      384:w4NqqoC/XZIEe4Xz2Ye6/mBPOes4zFftyLjXJaujtBBifvzM5re2Mb:D1IEe4Xz2YeGmBPZ1fKLNOgI

    Score
    8/10
    discovery

    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

1
T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

1
T1568

Impact

Tasks