Overview

overview

10

Static

static

10

images.cgi.virus

ubuntu-18.04-amd64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    images.cgi.virus

  • Size

    104KB

  • Sample

    230313-j7m23shd34

  • MD5

    2dab8f1f93c1c3b53827f1e888cb0a09

  • SHA1

    f6e4aac6cb689857c1c4db215b58575120e2b52d

  • SHA256

    24bdc0b4448e6671fbc0f772374a9e98f3b6102c6c126f1415618fc185204d60

  • SHA512

    ff666cc9b0f2ef6eb8f134bf922943c1ebfbbb0b7f30a0ccd95ad0d1597366f1aece2bd1301cf0257fdc460edfdb507b37a6bc3e994595e0b6f40400b304b74f

  • SSDEEP

    3072:+lKV9c01nhhWSOYDXPhHpq+xN/1Zx2G0wXE:MKVe01nhhiYThjHywX

Score
10/10
rekoobelinux

Malware Config

Extracted

Family

rekoobe

C2

45.136.13.211:80

Targets

    • Target

      images.cgi.virus

    • Size

      104KB

    • MD5

      2dab8f1f93c1c3b53827f1e888cb0a09

    • SHA1

      f6e4aac6cb689857c1c4db215b58575120e2b52d

    • SHA256

      24bdc0b4448e6671fbc0f772374a9e98f3b6102c6c126f1415618fc185204d60

    • SHA512

      ff666cc9b0f2ef6eb8f134bf922943c1ebfbbb0b7f30a0ccd95ad0d1597366f1aece2bd1301cf0257fdc460edfdb507b37a6bc3e994595e0b6f40400b304b74f

    • SSDEEP

      3072:+lKV9c01nhhWSOYDXPhHpq+xN/1Zx2G0wXE:MKVe01nhhiYThjHywX

    Score
    8/10

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

1
T1568

Impact

Tasks