d43c538acf45e61447c3e83e7d16b48aba16b5075d572eee797825705fbe2954 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fun.sh
Size

22KB
Sample

230323-n7pm5ahd41
MD5

c6255b5afc94976b2fa9e6990d79d6d0
SHA1

a00bfcc1bba5fcb20aa933e3ab81ec062957b499
SHA256

d43c538acf45e61447c3e83e7d16b48aba16b5075d572eee797825705fbe2954
SHA512

83acb2eb6e2a398081b22f58fdb6ab119aca7705da5d867617baf62c8fcfe695580225279645ab81e67e2896a96ec5cbe399c6dbce15aea3cf8250b3b3bef35c
SSDEEP

384:K7GTZjZZJr1cyQLtKMCP/58Q1cDstrasNEAWk/2krqNSyfkE+vpvlr/LPueb:KmjpRcWZ8Q1rz1ehfkxvpvweb

Score

8^/10

linux

Malware Config

Targets

- Target
  
  fun.sh
- Size
  
  22KB
- MD5
  
  c6255b5afc94976b2fa9e6990d79d6d0
- SHA1
  
  a00bfcc1bba5fcb20aa933e3ab81ec062957b499
- SHA256
  
  d43c538acf45e61447c3e83e7d16b48aba16b5075d572eee797825705fbe2954
- SHA512
  
  83acb2eb6e2a398081b22f58fdb6ab119aca7705da5d867617baf62c8fcfe695580225279645ab81e67e2896a96ec5cbe399c6dbce15aea3cf8250b3b3bef35c
- SSDEEP
  
  384:K7GTZjZZJr1cyQLtKMCP/58Q1cDstrasNEAWk/2krqNSyfkE+vpvlr/LPueb:KmjpRcWZ8Q1rz1ehfkxvpvweb
Score

8^/10
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1