General

  • Target

    app_mod copy.sh_

  • Size

    51KB

  • Sample

    230315-m6qclach24

  • MD5

    5a8c1fac337fb034f3a7456b0c416758

  • SHA1

    d883644c417a5f1543b88f2ac407ee84e1425420

  • SHA256

    902a66ff2a651275836d70b621a02225c3cdefc98dc4d28faee3ba772f65da2b

  • SHA512

    8adba312ef13f5628bffbb6f399f65d50f7479874fda4c191bc10e51fd48a49d5b8d247bc2cfbc99d6fe9a76fe5500976571d6ac4a150efae144ece3f5d1248a

  • SSDEEP

    1536:DxEyGznImjPZzlz1pxvp4eWbOvWM2I306DMmAgu:DxEyGznI4xl4jOvzhDMz

Score
8/10

Targets

    • Target

      app_mod copy.sh_

    Score
    8/10
    • Modifies hosts file

      Adds to hosts file used for mapping hosts to IP addresses.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
