Overview

overview

10

Static

static

10

4e0821c66f...f9392d

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    1791s
  • max time network
    152s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    30-11-2022 13:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4e0821c66f32229eff0672c96b81bd4bfaf2b20d2967984d1f78e2976ef9392d

  • Size

    92KB

  • MD5

    604ff44ad4d677f97ae2042d460efe5f

  • SHA1

    0b41083b17c381f0976943258f79f9a303779c25

  • SHA256

    4e0821c66f32229eff0672c96b81bd4bfaf2b20d2967984d1f78e2976ef9392d

  • SHA512

    851015a4d2f00755045bcc622521510c3377278494358b2d42e414741bbf11a527f7b76a33d888a047834af98d0fbf638c1bbc333be2c74e1863d5b293639741

  • SSDEEP

    1536:W7uJtxNeVE8zV7aDlvhE1hmkJ0S36W6bWjK3pyPXfH0mA+KWOXFseaZYxe:4SsVEeVMlpmXJ0O6WpjK5ifUm/KWOXFE

Score
7/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/4e0821c66f32229eff0672c96b81bd4bfaf2b20d2967984d1f78e2976ef9392d
    /tmp/4e0821c66f32229eff0672c96b81bd4bfaf2b20d2967984d1f78e2976ef9392d
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:582

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads