General
-
Target
580accbe4ec8e8ec6808c34eda1d6feae17d9940723acd1fe13db75d02e13ae9
-
Size
611KB
-
Sample
220625-b8vjjshecl
-
MD5
0190d66de838c766a844e52c1f4f047a
-
SHA1
2e7fd825bec6d7fc7ddb9e2b60b3c9678bad6eae
-
SHA256
580accbe4ec8e8ec6808c34eda1d6feae17d9940723acd1fe13db75d02e13ae9
-
SHA512
c26e30f4f10959ecf529631e078651f0b720bd542722aad0e3c4178ae3fbf5ac8d7a6bc453e0a4c3d4b8ef7ebc4267b36a399f1e6b608596c509733c075468de
Static task
static1
Behavioral task
behavioral1
Sample
580accbe4ec8e8ec6808c34eda1d6feae17d9940723acd1fe13db75d02e13ae9
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
num.com:3308
cdn.netflix2cdn.com:3308
cdn.finance1num.com:3308
Targets
-
-
Target
580accbe4ec8e8ec6808c34eda1d6feae17d9940723acd1fe13db75d02e13ae9
-
Score
9/10
-
Writes file to system bin folder
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Write file to user bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-