Analysis
max time kernel: 0s
max time network: 93s
platform: linux_amd64
resource: ubuntu-amd64
submitted: 26-08-2021 14:35
Static task: static1
Behavioral task: behavioral1
Sample: 1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
Resource: ubuntu-amd64 linux_amd64
0 signatures
0 seconds
General
Target: 1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
Size: 2.0MB
MD5: 3f328e68ed4d59973f9c5b4f36545ab0
SHA1: f2724c0abb93b6a1d3f6fcb59b88c2aebbd76031
SHA256: 1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
SHA512: 905834e82f0144db00dcb49078792beb7c595dd0fca1937aace49be430919f6a43b84f239c46f9e9bd5e494c49eb5f4e3c18ad494eb311c44e5704e715a0d10d
Score: 9/10
Malware Config
Signatures
Deletes system logs 1 TTPs 6 IoCs
description | ioc
/var/log/journal | /var/log/journal
/var/log/journal/a44f0fe52e404b679b7b2c5bbcd8d157 | /var/log/journal/a44f0fe52e404b679b7b2c5bbcd8d157
/var/log/apt | /var/log/apt
/var/log/installer | /var/log/installer
/var/log/installer/cdebconf | /var/log/installer/cdebconf
/var/log/dist-upgrade | /var/log/dist-upgrade
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
description | ioc
/var/spool/cron/crontabs | /var/spool/cron/crontabs
Writes file to tmp directory 3 IoCs
Malware often drops required files in the /tmp directory.
description | ioc | Process
/tmp/.DBFD055C-9CF2-4BB8-908E-6DA22321BF17 | /tmp/.DBFD055C-9CF2-4BB8-908E-6DA22321BF17 | 1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f
/tmp/daemon_1628770357.log | /tmp/daemon_1628770357.log | Process not Found
/tmp/./1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f | /tmp/./1247a68b960aa81b7517c614c12c8b5d1921d1d2fdf17be636079ad94caf970f | Process not Found