Resubmissions

06-09-2023 00:49

230906-a6cehsce37 10

31-07-2023 12:28

230731-pnngdsgd4v 10

28-02-2021 08:09

210228-xd259lnnps 5

Analysis

  • max time kernel
    0s
  • max time network
    124s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    28-02-2021 08:09

General

  • Target

    fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73

  • Size

    28KB

  • MD5

    0017f7b913ce66e4d80f7e78cf830a2b

  • SHA1

    f1bf775746a5c882b9ec003617b2a70cf5a5b029

  • SHA256

    fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73

  • SHA512

    ff5dd28ba3f5ce1f85f85fa9b65f9f30fbd300f2ca238cb2713da7077b7a0a8ff094cff4d7de9381726925abdd9ea065fa75ccd02fa5a816b71a6f91479363c1

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • ./fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73
    ./fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73
    1⤵
      PID:562
      • "" "" "/bin/rm -f /dev/shm/kdmtmpflush;/bin/cp ./fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73 /dev/shm/kdmtmpflush && /bin/chmod 755 /dev/shm/kdmtmpflush && /dev/shm/kdmtmpflush --init && /bin/rm -f /dev/shm/kdmtmpflush"
        2⤵
          PID:563
          • /bin/rm
            /bin/rm -f /dev/shm/kdmtmpflush
            3⤵
              PID:564
          • /bin/cp
            /bin/cp ./fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73 /dev/shm/kdmtmpflush
            3⤵
              • Reads runtime system information
              PID:565
          • /bin/chmod
            /bin/chmod 755 /dev/shm/kdmtmpflush
            3⤵
              PID:566
          • /dev/shm/kdmtmpflush
            /dev/shm/kdmtmpflush --init
            3⤵
              PID:567
          • /bin/rm
            /bin/rm -f /dev/shm/kdmtmpflush
            3⤵
              PID:569

Network

MITRE ATT&CK Matrix
