General
-
Target
edaca7753735c2306a34fd55f5064777b0d0d5569042c453e7344013224d72d0
-
Size
611KB
-
Sample
220625-fnsaxafbem
-
MD5
2004f9f08f281f8d4ea7c913573dd6cc
-
SHA1
50203908a2e3a384375e459dd5888e2b44c83ee8
-
SHA256
edaca7753735c2306a34fd55f5064777b0d0d5569042c453e7344013224d72d0
-
SHA512
0cd47747cbc895919d15597ab6b25900fb0ffdbb04cc6c4dfc53152b575aa190508cacc694ee0cade4dff797017803ae6a40ea5d867cc0e2551527549d5d2bbd
Static task
static1
Behavioral task
behavioral1
Sample
edaca7753735c2306a34fd55f5064777b0d0d5569042c453e7344013224d72d0
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
num.com:3308
cdn.netflix2cdn.com:3308
cdn.finance1num.com:3308
Targets
-
-
Target
edaca7753735c2306a34fd55f5064777b0d0d5569042c453e7344013224d72d0
-
Size
611KB
-
MD5
2004f9f08f281f8d4ea7c913573dd6cc
-
SHA1
50203908a2e3a384375e459dd5888e2b44c83ee8
-
SHA256
edaca7753735c2306a34fd55f5064777b0d0d5569042c453e7344013224d72d0
-
SHA512
0cd47747cbc895919d15597ab6b25900fb0ffdbb04cc6c4dfc53152b575aa190508cacc694ee0cade4dff797017803ae6a40ea5d867cc0e2551527549d5d2bbd
Score9/10-
Writes file to system bin folder
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Write file to user bin folder
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-