General
Target: bf8dc5eca570a1a0d702303547b736cff9df54c31745dde90dfc429580c0cc28
Size: 8.6MB
Sample: 220518-z81ybshafm
MD5: 1f29fc7e6e27a5a7e92ce400cf2eaf2f
SHA1: 901d534f3fe2a57f660a9e344734f51fd9fbd869
SHA256: bf8dc5eca570a1a0d702303547b736cff9df54c31745dde90dfc429580c0cc28
SHA512: ab2e96abaa5d543656a72f3f97b8ae4fb857e8ceb0b73fbcf4f22e45eb39aeb95a61e6d5558c58ee32bfcafed381fb84ea48bf413875d23d98f634c6c3c45aea

Behavioral task: behavioral1
Sample: bf8dc5eca570a1a0d702303547b736cff9df54c31745dde90dfc429580c0cc28
Resource: ubuntu1804-amd64-en-20211208

Malware Config
Targets
Score: 9/10

Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.

Reads CPU attributes

Enumerates kernel/hardware configuration
Reads contents of /sys virtual filesystem to enumerate system information.

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.