abb74b82d4f661b0c8021e31a05ed9ad827d714b1eca2a786e8d25cd5f06821a

Analysis

max time kernel
0s
max time network
129s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240522.1-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240522.1-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
29-12-2024 12:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

i686.elf
Size

89KB
MD5

766a3f2bc9c93e264a77b1431224d4df
SHA1

d782c81890f6843bf6080607dba7c564938c9b59
SHA256

abb74b82d4f661b0c8021e31a05ed9ad827d714b1eca2a786e8d25cd5f06821a
SHA512

beae8c3a22ac6ad041f69a8cc7d9c0dae80eb6a52fd3e943e8add5df2c0b5a349981a684ad4b22e9524af3cf299508781c181479828919eeda513b7c3a1ccd71
SSDEEP

1536:2JcSA3zJO93RceGQwqWQC1yIZ2DN1d3Oow5hBPrJs6Wshe0QzUzJYQ2Wk:CAI93RceGT91yIZ2DN1QL5hBlWUe0QzR

Score

7^/10

Malware Config

Signatures

Writes DNS configuration 1 TTPs 1 IoCs

Writes data to DNS resolver config file.

Adversary-in-the-Middle

T1557

description	ioc	Process
File opened for modification	/etc/resolv.conf	i686.elf

Changes its process name 1 IoCs

description	pid	Process
Changes the process name, possibly in an attempt to hide itself	1566	i686.elf

/tmp/i686.elf
/tmp/i686.elf
1⤵
- Writes DNS configuration
- Changes its process name
PID:1566

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Adversary-in-the-Middle

T1557

Discovery

Lateral Movement

Collection

Adversary-in-the-Middle

T1557

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads