General
Target: 696bad26159da671a74a879c34188dcae0edcd6726f8314c5bde240765235dd8
Size: 611KB
Sample: 220625-exr6tsdhcl
MD5: 232e172f7a005dd12d4aad55e0c4a331
SHA1: 9425435b359cd7ee6138564c687709e9d244f065
SHA256: 696bad26159da671a74a879c34188dcae0edcd6726f8314c5bde240765235dd8
SHA512: f42110ba007957a6256c9a74e0d6e57dd8a3918823a803dbac583155438a60072c54f79ad052ff24da27ff649c04ead6e9962c32710bcf8eb072e8e0050c769f
Static task: static1
Behavioral task: behavioral1
Sample: 696bad26159da671a74a879c34188dcae0edcd6726f8314c5bde240765235dd8
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
um.com:443
cdn.netflix2cdn.com:443
cdn.finance1num.com:443
Targets
Target: 696bad26159da671a74a879c34188dcae0edcd6726f8314c5bde240765235dd8
Score: 9/10
- Writes file to system bin folder
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.