General

  • Target

    elf_49215ba3fb3e632847843780a063d93942d3282d7cbbb99d72abd0b3993d429b

  • Size

    9.6MB

  • Sample

    230213-yaerrsfa51

  • MD5

    469addeec35376610112e02e800e4b28

  • SHA1

    e29dfd6c6249a33454f2aad87f7605f57e1d0d03

  • SHA256

    49215ba3fb3e632847843780a063d93942d3282d7cbbb99d72abd0b3993d429b

  • SHA512

    b3fa008c2671270bab944ac35a45e59c72686128ee6cc9c2df62d854896f41342ec4369392987d74a7e9171454409667dec73b1ae844dcaff665715ec64fe1a1

  • SSDEEP

    49152:yTNYKdudsJ5dOErb/T0vO90dL3BmAFd4A64nsfJm1a3kqHh2EL4Xp7CrC1LQQFbC:0NsNkUAM5UCxc5THnNvWza/NAE

Score
8/10

Targets

    • Target

      elf_49215ba3fb3e632847843780a063d93942d3282d7cbbb99d72abd0b3993d429b

    Score
    8/10
    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates kernel/hardware configuration

      Reads contents of /sys virtual filesystem to enumerate system information.
