General
-
Target
b9e9e89988f48f199a59d572bd42bc777482843753aad7d5617c5c30205b12f1
-
Size
611KB
-
Sample
220620-tvdb8aeegn
-
MD5
321e60ae4cfb160889f942e7b7bdd490
-
SHA1
4a0ce553f3f7f70e2fbb117afdb097d301e28d5f
-
SHA256
b9e9e89988f48f199a59d572bd42bc777482843753aad7d5617c5c30205b12f1
-
SHA512
4d33522ff9ad0bd1913907587aac48709d39509c41f302b3cc8247c5e851f9aeb621e3f1b1528b34304823e258eec39a64c101f3d2a6c682acc7a062307eddc6
Static task
static1
Behavioral task
behavioral1
Sample
b9e9e89988f48f199a59d572bd42bc777482843753aad7d5617c5c30205b12f1
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
axf6.com:23
www.enoan2107.com:23
www.gzcfr5axf6.com:23
Targets
-
-
Target
b9e9e89988f48f199a59d572bd42bc777482843753aad7d5617c5c30205b12f1
-
Size
611KB
-
MD5
321e60ae4cfb160889f942e7b7bdd490
-
SHA1
4a0ce553f3f7f70e2fbb117afdb097d301e28d5f
-
SHA256
b9e9e89988f48f199a59d572bd42bc777482843753aad7d5617c5c30205b12f1
-
SHA512
4d33522ff9ad0bd1913907587aac48709d39509c41f302b3cc8247c5e851f9aeb621e3f1b1528b34304823e258eec39a64c101f3d2a6c682acc7a062307eddc6
Score10/10-
Writes file to system bin folder
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Write file to user bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-