Analysis

  • max time kernel
    0s
  • max time network
    93s
  • platform
    linux_amd64
  • resource
    ubuntu-amd64
  • submitted
    26-08-2021 14:35

General

  • Target

    1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f

  • Size

    2.0MB

  • MD5

    3f328e68ed4d59973f9c5b4f36545ab0

  • SHA1

    f2724c0abb93b6a1d3f6fcb59b88c2aebbd76031

  • SHA256

    1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f

  • SHA512

    905834e82f0144db00dcb49078792beb7c595dd0fca1937aace49be430919f6a43b84f239c46f9e9bd5e494c49eb5f4e3c18ad494eb311c44e5704e715a0d10d

Score
9/10

Malware Config

Signatures

  • Deletes system logs (1 TTP, 6 IoCs)
  • Creates/modifies Cron job (1 TTP, 1 IoC)

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

  • Writes file to tmp directory (3 IoCs)

    Malware often drops required files in the /tmp directory.

Processes

  • ./1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
    ./1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
    • Writes file to tmp directory
    PID:673

Network

MITRE ATT&CK Enterprise v6
