Analysis

  • max time kernel
    155s
  • max time network
    159s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20231215-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    19/12/2023, 22:48

General

  • Target

    29376d00622f2b6db20e409a9de80422

  • Size

    41KB

  • MD5

    29376d00622f2b6db20e409a9de80422

  • SHA1

    f885d71cd8700fcd524b98ab0e62316c72b44f20

  • SHA256

    b3eba90e91b6a610139245a7e118b4c507623e01d837d35618cd22d357a2ded8

  • SHA512

    2ca3363a1c4109f1f45db50ffc9641670c22de179350781d1bc7e1e258e1aa20af753b84836d66e4614384d7b9fa7e2ffa400c1d2d1ba102454f7a39d0a28300

  • SSDEEP

    768:6X6+LnKPel3cxl3JoqmHbaXyuGkXEZPJ4n3kktDiKOKIs:oBnKPscLJ5XXyuPkO3

Score
9/10

Malware Config

Signatures

  • Contacts a large number (61861) of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Changes its process name 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder 1 TTPs 1 IoCs

Processes

  • /tmp/29376d00622f2b6db20e409a9de80422
    /tmp/29376d00622f2b6db20e409a9de80422
    • Changes its process name
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    PID: 1592

Network

        MITRE ATT&CK Enterprise v15
