Overview

overview

10

Static

static

10

1d08e77321...57c4cf

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    138s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    19/12/2023, 22:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1d08e77321756a40067647814a57c4cf

  • Size

    101KB

  • MD5

    1d08e77321756a40067647814a57c4cf

  • SHA1

    1951dbfb5425b1bb50406d02c1ea124a600c1861

  • SHA256

    4b00a6583540fa94ec6fc99396aa2a44d276a04f547c58dc3ff4cf29efcc54f6

  • SHA512

    f4876e69e7e300849ecf9d35e04d8cd2a5d3773bad7439d5262e95f90af6ffad874845cc13fff2bc681c5b509521c090ed6a8042b78e3288e74da8b2e0e4998b

  • SSDEEP

    3072:wW8FUmgujld6Mkxm6AJ+4fNHmmFVcqq0GnDZT:wJFv4Lm6AJ+4fNHmmFVcqq0GnDZT

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/1d08e77321756a40067647814a57c4cf
    /tmp/1d08e77321756a40067647814a57c4cf
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1531

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads