General
Target: watchdog
Size: 7.6MB
Sample: 220523-lxd3jacgc4
MD5: ccb0e747a4302e226bf76753c177b6ef
SHA1: 44cdfa426530347da8e6e2a0820cd59d5a5eb2ca
SHA256: 7c4ffc37b13d93d28a86f67b8881f60194b3c6bb00328503172b2c40a549ad20
SHA512: 1972023ba90711f38568fbc3e5cc67bc7bbe5af8ff29a05e5b25f85f6ac1b342e8e504751e7553987ac45f35245a2b090c9cf95a5468d32a048b2b56fc9091aa
Behavioral task: behavioral1
Sample: watchdog
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: watchdog
Score: 9/10

Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.

Reads CPU attributes

Enumerates kernel/hardware configuration
Reads contents of /sys virtual filesystem to enumerate system information.

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.