5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8

Analysis

max time kernel
152s
max time network
154s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20230621-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20230621-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
26/08/2023, 14:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8_JC.elf
Size

88KB
MD5

c0012015ab27a03b857e83f25377bc10
SHA1

86e18fc3157475e35796a54af334d15a28ff34c9
SHA256

5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8
SHA512

0e5098b5232e40339cfe36acd50a63231b7d20337f7edd16a54c17ba1d594a9b8b39a7139f9088cf15286ff630ebb71bcd866ace90bf1563812f82dbcb38a8e0
SSDEEP

1536:34WA20BHIXusWcSWDICiVaBTgOcgMQvnTJ33pZLZK0g:34W30B7F8eVckOcgMQrJ3ZZLZKX

Score

7^/10

Malware Config

Signatures

Changes its process name 4 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	daddyl33t's back	613	5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8_JC.elf
Changes the process name, possibly in an attempt to hide itself		613	5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8_JC.elf
Changes the process name, possibly in an attempt to hide itself		616	Process not Found
Changes the process name, possibly in an attempt to hide itself		615	Process not Found

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

T1568

description	ioc
File opened for modification	/etc/resolv.conf

/tmp/5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8_JC.elf
/tmp/5e5b6f640de0e0f152323e24c6fc4e1fc8b3e4fc57f7439bd503b3a8e2f5e7c8_JC.elf
1⤵
- Changes its process name
PID:613

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

T1568

Exfiltration

Impact

Windows 7 deprecation

Loading Replay Monitor...