Overview

overview

10

Static

static

10

1a938e469c...6a04c2

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    150s
  • max time network
    140s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    19/12/2023, 22:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1a938e469c55cbf5e5e4f6c19b6a04c2

  • Size

    114KB

  • MD5

    1a938e469c55cbf5e5e4f6c19b6a04c2

  • SHA1

    2d8ffd97d5dad89d80b4befc198425b0b2278d85

  • SHA256

    b1ce4e764bb231fde348a3250a027dab3a150242ef6b3f6eb880b527a8d072d7

  • SHA512

    24357218abe27df49f946d0f2424256ece75e6bb46e01338a3390c1c8fd5a192e700d3d468c401c5464c42ecf5013df70014d576e04aad39558d945256628fa3

  • SSDEEP

    3072:8sINq3V6upBKuh+9ysiUkm+p4kDoFkxgN+Dk4jNV:84xRhGREbDoFkxgN+Dk4jNV

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/1a938e469c55cbf5e5e4f6c19b6a04c2
    /tmp/1a938e469c55cbf5e5e4f6c19b6a04c2
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1551

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads