General
-
Target
46b79608c9a603c1f0046b0952f080b6cce855320a80bb6db4155a26ab0fd5f0
-
Size
611KB
-
Sample
220217-zhyqaaece9
-
MD5
757b89c6cc5a910c11a555a381684e55
-
SHA1
5cd2b55e20d10dd6bdd9bd972aad67ef7544d4ce
-
SHA256
46b79608c9a603c1f0046b0952f080b6cce855320a80bb6db4155a26ab0fd5f0
-
SHA512
0a9ecca06f87e403e7170dcb3fa275547139f9ee4b253efdd96f01d2d806b49d78a1ebf8bf420c156d9cbf74dc652c180b6591de2c5f34d5902f0e64cf45bd1f
Malware Config
Targets
-
-
Target
46b79608c9a603c1f0046b0952f080b6cce855320a80bb6db4155a26ab0fd5f0
-
Size
611KB
-
MD5
757b89c6cc5a910c11a555a381684e55
-
SHA1
5cd2b55e20d10dd6bdd9bd972aad67ef7544d4ce
-
SHA256
46b79608c9a603c1f0046b0952f080b6cce855320a80bb6db4155a26ab0fd5f0
-
SHA512
0a9ecca06f87e403e7170dcb3fa275547139f9ee4b253efdd96f01d2d806b49d78a1ebf8bf420c156d9cbf74dc652c180b6591de2c5f34d5902f0e64cf45bd1f
Score9/10-
Writes file to system bin folder
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
Write file to user bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-