General
Target: 93d43d76925dc4539b04f16afc8b52ad92fdc05f04fbce1231899546034c1a9f
Size: 596KB
Sample: 220701-c4zhdaadb5
MD5: 3f1f64c58bf4ba413a7b4242fb0a1546
SHA1: 8074bc8565bb08350010e7ce80ed5270abb1d08e
SHA256: 93d43d76925dc4539b04f16afc8b52ad92fdc05f04fbce1231899546034c1a9f
SHA512: b4c424daf0ea08be669d0f2e5403af1a431f2d8ad2c49ef2398a38dbe205f5833b242f963a92c8397db400e4e253f2128cd08ce9d11b6fab23051d759bcb5525
Static task: static1
Behavioral task: behavioral1
Sample: 93d43d76925dc4539b04f16afc8b52ad92fdc05f04fbce1231899546034c1a9f
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Extracted
xorddos
dns-google.org:60000
a-dns-google.com:60000
uc.twjiasu.com:8080
Targets
Target: 93d43d76925dc4539b04f16afc8b52ad92fdc05f04fbce1231899546034c1a9f
Score: 9/10
Writes file to system bin folder

Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.

Write file to user bin folder

Reads runtime system information
Reads data from /proc virtual filesystem.

Writes file to tmp directory
Malware often drops required files in the /tmp directory.