Resubmissions

16-04-2024 09:41

240416-lnrx2agd6t 7

16-04-2024 09:34

240416-lj2axagc7s 7

General

  • Target

    d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a.rar

  • Size

    82KB

  • Sample

    240416-lnrx2agd6t

  • MD5

    5aa397f1f1413aadcf22aa5d23c4f32f

  • SHA1

    d199c2c7e4c1e0d0930361ef6afb9c221b873573

  • SHA256

    56e20e1156cda633f1d623b4c6ff3cb709c92cc2c0e0a81a3ec0b97643658cd6

  • SHA512

    23a7b97cda4e33dd49f068a4e76e5e24cc64a433e4242858694102102a444a276c468271017ddbcb57a1913cd7d0cec1af655dfefe1fb7fadc36a5c83517e41b

  • SSDEEP

    1536:H+rk9CITlSHUedZifzmpXeZBIit3Bx+WWAbcAisSx5d6fGEmx0m94us6:vLTQ3s6pXeZz3Bx+fZN6uas4C

Score
7/10

Malware Config

Targets

    • Target

      d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a

    • Size

      83KB

    • MD5

      b8ed2cb3e9fedec5b164ce84ad5a08d0

    • SHA1

      b45ef9ad0a29b0a402d1613b10c3f6e95686230c

    • SHA256

      d5601202dff3017db238145ff21857415f663031aca9b3d534bec8991b12179a

    • SHA512

      98aa6abf6bc6b27ea2833122c468e436c267ef40c5ecbbd6446174d0859920e7b7bbcec617e12d7aa9e89e0492e5dcf4cf49a6208e7252fd0619047818454a31

    • SSDEEP

      1536:m3LqE6rUQWzVQR7iAGEcUT5PIi7pLqBNs4LOjcwf4nB6XuzGNy+iSc7tNUZM:mOE6PWo1T5bz4LVMXuzVNScWM

    Score
    7/10
    • Changes its process name

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks