General
Target: Linux_amd64
Size: 2.3MB
Sample: 220323-vmrejshch7
MD5: 1a5edcf40f9d95c0c8fddc501ebd9f8c
SHA1: 8d4869df5df1a9a88e0d0a9d838c71f5e7aba939
SHA256: a8875c3bad30270efe07611b8f68546d6cb6ab19f0105319ebaba0d624bab0bf
SHA512: 2da4c2507773713b755a1cc71f7d003afd51510611744fb52d1a6c63f603638616a8a8500d0049a36903c6a5ee4fb692398cd35ad03716aa61dfd06bd327d587
Static task: static1
Behavioral task: behavioral1
Sample: Linux_amd64
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: Linux_amd64
Score: 10/10

Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.

Writes DNS configuration
Writes data to DNS resolver config file.

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.