Resubmissions

06-09-2023 00:50

230906-a613wace39 10

02-06-2022 16:49

220602-vb6p4acdhn 10

18-05-2022 18:03

220518-wm78qsfbgl 5

Analysis

  • max time kernel
    0s
  • max time network
    102s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • submitted
    18-05-2022 18:03

General

  • Target

    2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin

  • Size

    30KB

  • MD5

    a4bbcbdb2d65d1b966943f6955c05048

  • SHA1

    68af74718f5eeb824258e69af5a23a3c0f6fb54d

  • SHA256

    2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb

  • SHA512

    4b5d69f3ceb9e2a9311bf08bc3b853dcddf2f33228e31dfaa3c6484dfc4057ba210c1995833bbd26eeea15496623a13e1c895e71e8094707c78ed4b6738274a6

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
    ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
    1⤵
      PID:593
      • /bin/sh
        sh -c "/bin/rm -f /dev/shm/kdmtmpflush;/bin/cp ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin /dev/shm/kdmtmpflush && /bin/chmod 755 /dev/shm/kdmtmpflush && /dev/shm/kdmtmpflush --init && /bin/rm -f /dev/shm/kdmtmpflush"
        2⤵
          PID:594
          • /bin/rm
            /bin/rm -f /dev/shm/kdmtmpflush
            3⤵
              PID:595
            • /bin/cp
              /bin/cp ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin /dev/shm/kdmtmpflush
              3⤵
              • Reads runtime system information
              PID:596
            • /bin/chmod
              /bin/chmod 755 /dev/shm/kdmtmpflush
              3⤵
                PID:597
              • /dev/shm/kdmtmpflush
                /dev/shm/kdmtmpflush --init
                3⤵
                  PID:598
                • /bin/rm
                  /bin/rm -f /dev/shm/kdmtmpflush
                  3⤵
                    PID:600

              Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads