General
Target: 8561a98f823f85a6c0d4beb209c4c016e96052ffcae18ba606b834d99d2b99a8
Size: 596KB
Sample: 220619-y5zenabcgm
MD5: 34b2a8a8e5a0fafc6552457f812bac5f
SHA1: 152fc531a9a03b8091b86419a9a808cedfa08639
SHA256: 8561a98f823f85a6c0d4beb209c4c016e96052ffcae18ba606b834d99d2b99a8
SHA512: f20a7fa82649170bc1d1b17bb2aa2ef157962f87da26717e3ab18b15208a986399193eed5a0fbe17fffab52ce6320c4c08d80d95f1c8d90e5c476e73569d7b94
Static task: static1
Behavioral task: behavioral1
Sample: 8561a98f823f85a6c0d4beb209c4c016e96052ffcae18ba606b834d99d2b99a8
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
dns-google.org:60000
a-dns-google.com:60000
uc.twjiasu.com:8080
Targets
Target
8561a98f823f85a6c0d4beb209c4c016e96052ffcae18ba606b834d99d2b99a8
Score: 9/10

Writes file to system bin folder

Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.

Write file to user bin folder

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.