General

  • Target

    31330c0409337592e9de7ac981cecb7f37ce0235f96e459fefbd585e35c11a1a

  • Size

    84KB

  • Sample

    221203-3n3g7sfg28

  • MD5

    e6bad14fff4f94705a2d8a628799025d

  • SHA1

    d4b855b2c9db3fdb34182d00b9a0a455086b8e50

  • SHA256

    31330c0409337592e9de7ac981cecb7f37ce0235f96e459fefbd585e35c11a1a

  • SHA512

    9cfb0015cf4b51977e9b4bfef4e3918b7e7dfe4cc76f49aa32ea56ecfc97c035cac0ef8cc9a0379b937e8a6ed34b01b805e1034920a34d6c08a42318f57de49a

  • SSDEEP

    1536:jVjv3n5rDNuVKNnIhnhhW2cgJbhqHekyN/1H5xuM8WWz:jVb6EIhnhhW2cgBhq+xN/1Zx2WG

Score
10/10

Malware Config

Extracted

Family

rekoobe

C2

sg.img-cache.com:443

Targets

    • Target

      31330c0409337592e9de7ac981cecb7f37ce0235f96e459fefbd585e35c11a1a

    • Size

      84KB

    • MD5

      e6bad14fff4f94705a2d8a628799025d

    • SHA1

      d4b855b2c9db3fdb34182d00b9a0a455086b8e50

    • SHA256

      31330c0409337592e9de7ac981cecb7f37ce0235f96e459fefbd585e35c11a1a

    • SHA512

      9cfb0015cf4b51977e9b4bfef4e3918b7e7dfe4cc76f49aa32ea56ecfc97c035cac0ef8cc9a0379b937e8a6ed34b01b805e1034920a34d6c08a42318f57de49a

    • SSDEEP

      1536:jVjv3n5rDNuVKNnIhnhhW2cgJbhqHekyN/1H5xuM8WWz:jVb6EIhnhhW2cgBhq+xN/1Zx2WG

    Score
    8/10
    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

MITRE ATT&CK Matrix (ATT&CK v6)

Command and Control

  • Dynamic Resolution (T1568): 1

Tasks