ffbb9f0bad7560565e2f041ccba6fc33f9ea5a4e66168bd35f6ee0d59c1dd0ce

Analysis

max time kernel
147s
max time network
134s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
03-04-2024 01:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d29ebdaa0a822094a12e32d12fd13b401385c2f78941c9f4e222db7b370abf5a.elf
Size

97KB
MD5

5830d21dd285aa36f191cf89358325ee
SHA1

6055c0e8714c3d71426f48d6f224fb99268e5f27
SHA256

d29ebdaa0a822094a12e32d12fd13b401385c2f78941c9f4e222db7b370abf5a
SHA512

63a869e1d608c66d5920ef1a71a574feb2c53be2256bc930002f5569d9fc7408be2b4d1c5fba362f55e47cffad1f7dff298bd4e59a3c25a6788a57dce34901d1
SSDEEP

3072:qJYWRWU8Ud9BQjIvKQ3RPhgaeNK21i5hRTkjCinf0OzTyoQQub:4UPa9BQjIvKmjj2k5hBkminf0OzTyoQ7

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1467	d29ebdaa0a822094a12e32d12fd13b401385c2f78941c9f4e222db7b370abf5a.elf

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Dynamic Resolution

T1568

description	ioc
File opened for modification	/etc/resolv.conf

/tmp/d29ebdaa0a822094a12e32d12fd13b401385c2f78941c9f4e222db7b370abf5a.elf
/tmp/d29ebdaa0a822094a12e32d12fd13b401385c2f78941c9f4e222db7b370abf5a.elf
1⤵
- Changes its process name
PID:1467

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

T1568

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads