General
-
Target
341824d382550110cffffec8f70af0519ef46f4524536c0489c9a0459f0c4b5a
-
Size
969KB
-
Sample
220619-2ry4hsehgq
-
MD5
cfbb80188473988925a9d08f4d397ab9
-
SHA1
95996dc888b95a1380efb3e85dd4ad3cd324e960
-
SHA256
341824d382550110cffffec8f70af0519ef46f4524536c0489c9a0459f0c4b5a
-
SHA512
4efd90a2ff24719eec4ffaafde0e1aff0aeaf886b706258fe72d22491ddcbca973f0cdaa4a3b9a4207700330300692491e07d050d43eb105ce5e8ea3e0799204
Static task
static1
Behavioral task
behavioral1
Sample
341824d382550110cffffec8f70af0519ef46f4524536c0489c9a0459f0c4b5a
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
-
Target
341824d382550110cffffec8f70af0519ef46f4524536c0489c9a0459f0c4b5a
Score
9/10
-
Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration
Writes data to DNS resolver config file.
-
Reads CPU attributes
-
Enumerates kernel/hardware configuration
Reads contents of /sys virtual filesystem to enumerate system information.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-