General
-
Target
de959af4e13c5a0b9799ffecbbee43a30f21763f784262addc650a41ca12f2bb
-
Size
358KB
-
Sample
220520-2z7qmagcf4
-
MD5
639fc83ecdf903c5565b0328d4375e12
-
SHA1
7cbfed277c84d45641fc19852fd27193de2cffc8
-
SHA256
de959af4e13c5a0b9799ffecbbee43a30f21763f784262addc650a41ca12f2bb
-
SHA512
3d2b151d71f72dc80db66697a834df6bba4e7a3bfeb048c992ad564dce5b432658b10f50c351b69e6563e75c502440d0d4720ca769d99ae4dd15e45ee7ff1cec
Malware Config
Targets
-
-
Target
de959af4e13c5a0b9799ffecbbee43a30f21763f784262addc650a41ca12f2bb
-
Size
358KB
-
MD5
639fc83ecdf903c5565b0328d4375e12
-
SHA1
7cbfed277c84d45641fc19852fd27193de2cffc8
-
SHA256
de959af4e13c5a0b9799ffecbbee43a30f21763f784262addc650a41ca12f2bb
-
SHA512
3d2b151d71f72dc80db66697a834df6bba4e7a3bfeb048c992ad564dce5b432658b10f50c351b69e6563e75c502440d0d4720ca769d99ae4dd15e45ee7ff1cec
Score9/10-
Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration
Writes data to DNS resolver config file.
-
Modifies init.d
Adds/modifies system service, likely for persistence.
-
Modifies rc script
Adding/modifying system rc scripts is a common persistence mechanism.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-