Resubmissions
- 06-09-2023 00:50 | 230906-a613wace39 | 10
- 02-06-2022 16:49 | 220602-vb6p4acdhn | 10
- 18-05-2022 18:03 | 220518-wm78qsfbgl | 5

Analysis
- max time kernel: 0s
- max time network: 102s
- platform: linux_amd64
- resource: ubuntu1804-amd64-en-20211208
- submitted: 18-05-2022 18:03

Static task: static1
Behavioral task: behavioral1
- Sample: 2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
- Resource: ubuntu1804-amd64-en-20211208 (linux_amd64)
- 0 signatures
- 0 seconds

General
- Target: 2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin
- Size: 30KB
- MD5: a4bbcbdb2d65d1b966943f6955c05048
- SHA1: 68af74718f5eeb824258e69af5a23a3c0f6fb54d
- SHA256: 2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb
- SHA512: 4b5d69f3ceb9e2a9311bf08bc3b853dcddf2f33228e31dfaa3c6484dfc4057ba210c1995833bbd26eeea15496623a13e1c895e71e8094707c78ed4b6738274a6

Score: 5/10

Malware Config

Signatures
- Reads runtime system information (1 IoCs)
  Reads data from /proc virtual filesystem.
  Processes: cp
  description | ioc | process
  /proc/filesystems | /proc/filesystems | cp

Processes
- ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin: ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin (PID: 593)
  - /bin/sh: sh -c "/bin/rm -f /dev/shm/kdmtmpflush;/bin/cp ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin /dev/shm/kdmtmpflush && /bin/chmod 755 /dev/shm/kdmtmpflush && /dev/shm/kdmtmpflush --init && /bin/rm -f /dev/shm/kdmtmpflush" (PID: 594)
    - /bin/rm: /bin/rm -f /dev/shm/kdmtmpflush (PID: 595)
    - /bin/cp: /bin/cp ./2e0aa3da45a0360d051359e1a038beff8551b957698f21756cfc6ed5539e4bdb.bin /dev/shm/kdmtmpflush (PID: 596)
      Signature: Reads runtime system information
    - /bin/chmod: /bin/chmod 755 /dev/shm/kdmtmpflush (PID: 597)
    - /dev/shm/kdmtmpflush: /dev/shm/kdmtmpflush --init (PID: 598)
    - /bin/rm: /bin/rm -f /dev/shm/kdmtmpflush (PID: 600)