Analysis

max time kernel: 0s
max time network: 23s
platform: linux_amd64
resource: ubuntu1804-amd64-en-20211208
submitted: 01-07-2022 04:53

Static task: static1
Behavioral task: behavioral1

Sample: 86a8a2107448d28214e43a86e1367feec9e7f45201a3013c57bc200bf760e1ee
Resource: ubuntu1804-amd64-en-20211208
Platform: linux_amd64
0 signatures
0 seconds
General

Target: 86a8a2107448d28214e43a86e1367feec9e7f45201a3013c57bc200bf760e1ee
Size: 611KB
MD5: 55a111f4625348cffd6d910e49f5dbdc
SHA1: 0cb723f7dcf9ae320501ee93dba2363699811576
SHA256: 86a8a2107448d28214e43a86e1367feec9e7f45201a3013c57bc200bf760e1ee
SHA512: c2d30d334e2f30684474c72034ab170bf662aff8130606eb4eee7bc39bfd75f4c5d111957621ae290e821be3cd31d2f517e275dda571299671397248502301d7
Score: 9/10
Malware Config

Signatures

Writes file to system bin folder (1 TTPs, 3 IoCs)
Processes:
  description        ioc
  /bin/zyicuggrkg    /bin/zyicuggrkg
  /bin/nddhsildsx    /bin/nddhsildsx
  /bin/mabzfgoatz    /bin/mabzfgoatz

Creates/modifies Cron job (1 TTPs, 2 IoCs)
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
Processes:
  description     ioc             Process
  /etc/crontab    /etc/crontab    sh
  /etc/crontab    /etc/crontab    sed

Modifies rc script (1 TTPs, 12 IoCs)
Adding/modifying system rc scripts is a common persistence mechanism.
Processes:
  description                                                                          ioc                                                                                  Process
  /etc/rc1.d/S9086a8a2107448d28214e43a86e1367feec9e7f45201a3013c57bc200bf760e1ee    /etc/rc1.d/S9086a8a2107448d28214e43a86e1367feec9e7f45201a3013c57bc200bf760e1ee    update-rc.d