General
Target: 0tZjAN
Size: 2.7MB
Sample: 220322-c53w7aecd9
MD5: 0ed58468974629e33b5c94e6df64a520
SHA1: 94994b5f13367652f40ab7d37716d6fa4f334dbf
SHA256: b358b30e38d9aad71f28c95d0e50e727d41871f9df7f8e54c9299e4291fea952
SHA512: da83c3c7086d2527333909f411c1d7df1a96b12a85f0b5a21664287cd1fcb60d2555e78a97a91665165d4b4b36a83582ffcdc1d406a4ba18e196c6ea9b08b817
Static task: static1
Behavioral task: behavioral1
Sample: 0tZjAN
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: 0tZjAN
Score: 10/10

Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.

Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.

Writes DNS configuration
Writes data to DNS resolver config file.

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.