General
-
Target
106db86e650ecabf95158ff04e0cb22e89682d792e31490e33828a74cff53104
-
Size
8.2MB
-
Sample
220701-gb6s7sgad5
-
MD5
af7bee72c11cf18c92b171ff8494c652
-
SHA1
e3316f59eb7de8a140b09a7a49d14e8a7ebfe0ac
-
SHA256
106db86e650ecabf95158ff04e0cb22e89682d792e31490e33828a74cff53104
-
SHA512
0f5c50f643c801186a71df6ff4114e666476c996f6211cd7f992e6116a1df8671d08c103468f5311b5be343f7ee8475b63ed0606d779b8413ff9ae2801c620a6
Static task
static1
Behavioral task
behavioral1
Sample
106db86e650ecabf95158ff04e0cb22e89682d792e31490e33828a74cff53104
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
-
-
Target
106db86e650ecabf95158ff04e0cb22e89682d792e31490e33828a74cff53104
-
Score
9/10
-
Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration
Writes data to DNS resolver config file.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-