Resubmissions
27-09-2023 15:12
230927-slaz3ach49 725-11-2020 08:51
201125-237h7mgpxa 924-11-2020 13:31
201124-38cax1ssh2 9Analysis
-
max time kernel
0s -
max time network
124s -
platform
linux_amd64 -
resource
ubuntu-amd64 -
submitted
24-11-2020 13:31
General
-
Target
269614e98cf1a6f16026139c078e03c4790a03020abd0ac881540358f8f620cd
-
Size
17KB
-
MD5
cff772c03b0af2d48bcff169aa82b3eb
-
SHA1
619b9a8a5fe3b3d7276cfebfcec8304dd44a708f
-
SHA256
269614e98cf1a6f16026139c078e03c4790a03020abd0ac881540358f8f620cd
-
SHA512
c573851ecd8319a49e1ef4d4292e29913f1b652219d17114223a5f03eddbaae4fc81f56c36f610ad887c353ac4cce482c91d1df91813a89d5dfad525f1e46c18
Score
9/10
Malware Config
Signatures
-
Writes file to system bin folder 1 TTPs 1 IoCs
-
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes
-
./269614e98cf1a6f16026139c078e03c4790a03020abd0ac881540358f8f620cd./269614e98cf1a6f16026139c078e03c4790a03020abd0ac881540358f8f620cd1⤵
- Writes file to system bin folder
- Creates/modifies Cron job
- Reads runtime system information
- Writes file to tmp directory
-
/tmp/fileZYUhsQ./269614e98cf1a6f16026139c078e03c4790a03020abd0ac881540358f8f620cd2⤵