Analysis
- max time kernel: 0s
- max time network: 102s
- platform: linux_amd64
- resource: ubuntu1804-amd64-en-20211208
- submitted: 05/04/2022, 19:02
Static task: static1
Behavioral task: behavioral1
Sample: 0012f3033220902f3f721dc168ffc65f
Resource: ubuntu1804-amd64-en-20211208
0 signatures
0 seconds
General
- Target: 0012f3033220902f3f721dc168ffc65f
- Size: 41KB
- MD5: 0012f3033220902f3f721dc168ffc65f
- SHA1: ab6694377c5a802a2d3c5b7b0fc2ec62273bb442
- SHA256: 3120ed50f0e924f998f0781248e00cb5c27c4ad809b7d344e782eaaab0da53c3
- SHA512: 9131a8b463a45d490f599adcb80414384bab96c0a118e0e6a00db9b482f6124fbe53a71cbdd557b207aafcb7cc8cf2f1b22639c9dbda372e0ead467cecd48586
Score: 5/10
Malware Config
Signatures
- Reads runtime system information (2 IoCs)
  Reads data from /proc virtual filesystem.
  description | ioc | Process
  /proc/filesystems | /proc/filesystems | mkdir
  /proc/filesystems | /proc/filesystems | mv
Processes
- ./0012f3033220902f3f721dc168ffc65f
  cmdline: ./0012f3033220902f3f721dc168ffc65f
  PID:593
- /bin/sh
  cmdline: sh -c "mkdir /9afh7ukhy2/ && >/9afh7ukhy2/9afh7ukhy2 && cd /9afh7ukhy2/ >/dev/null"
  PID:596
  - /bin/mkdir
    cmdline: mkdir /9afh7ukhy2/
    PID:597
    Reads runtime system information
- /bin/sh
  cmdline: sh -c "mv /tmp/0012f3033220902f3f721dc168ffc65f /9afh7ukhy2/9afh7ukhy2 && chmod 777 /9afh7ukhy2/9afh7ukhy2 >/dev/null"
  PID:598
  - /bin/mv
    cmdline: mv /tmp/0012f3033220902f3f721dc168ffc65f /9afh7ukhy2/9afh7ukhy2
    PID:599
    Reads runtime system information
  - /bin/chmod
    cmdline: chmod 777 /9afh7ukhy2/9afh7ukhy2
    PID:600