Analysis

  • max time kernel
    2176s
  • max time network
    156s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20221111-en
  • resource tags

    arch:mipsel image:debian9-mipsel-20221111-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mipsel system
  • submitted
    03/12/2022, 17:58

General

  • Target

    c0481ae1cbb8c3e2fb68886cdee6c05ba9bbd1a02212ecfe85fc9fcc685f752a

  • Size

    31KB

  • MD5

    374b192421fadc2d2659c3da3b1398b6

  • SHA1

    f745c02bdd779768270661f34a61687a27d0c6ac

  • SHA256

    c0481ae1cbb8c3e2fb68886cdee6c05ba9bbd1a02212ecfe85fc9fcc685f752a

  • SHA512

    95814a22d3535dce4be72ae9675c45fc2de6ae90569052743760bb1925fd47df9ca8d1e90c1401857bb24515bbf8791e54f40114fa45cb8225f9d8c48a74a85e

  • SSDEEP

    384:2qaMZsJlfM778JDWbl1siahkMfd43+yZKB3lp:2qvsJlE778JAyiGRyEB3D

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/c0481ae1cbb8c3e2fb68886cdee6c05ba9bbd1a02212ecfe85fc9fcc685f752a
    /tmp/c0481ae1cbb8c3e2fb68886cdee6c05ba9bbd1a02212ecfe85fc9fcc685f752a
    • Writes file to tmp directory
    PID:323

Network

        MITRE ATT&CK Enterprise v6
