Overview

overview

10

Static

static

10

800e7ecf8c...fd942f

ubuntu-18.04-amd64

7

Analysis

  • max time kernel
    143s
  • max time network
    153s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    20-12-2023 03:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    800e7ecf8c4a6432e777ec9253fd942f

  • Size

    153KB

  • MD5

    800e7ecf8c4a6432e777ec9253fd942f

  • SHA1

    5404ddef3099a7a370ba46687a452c05e688afb1

  • SHA256

    f0d62fa6a30d423ec25d5e42776fc52f90b178c25a28ec14177f1f5a2d0ec8ca

  • SHA512

    24e34486429d632f3f5ca56b959d7d9b7730daa4c782e9eabb2dcfc90f2c6818523d1d7c922795684624f4038ad3dfe98e0bfbd426c384f522e2e6a87e3f5b22

  • SSDEEP

    3072:XlEoRSgLyZrVvnNYd+soZS9BFGOlV5BZ8fR1c9OXH90PfNatph1:X6oR5+qwS9BFFlhK51ckXH90PfNatph1

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/800e7ecf8c4a6432e777ec9253fd942f
    /tmp/800e7ecf8c4a6432e777ec9253fd942f
    1⤵
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:1524

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads