General

  • Target

    3b1b0120ff6ae58cf1ead67e24f5eb77aad0a776ec6f628cdcb069da1378da7b

  • Size

    596KB

  • Sample

    220703-wcwf7achd6

  • MD5

    b199d5ec4f32ed7f7b0a4f925d70b4b3

  • SHA1

    60895f3db013b9a65a29f5f3dd1a293f8b8f3c79

  • SHA256

    3b1b0120ff6ae58cf1ead67e24f5eb77aad0a776ec6f628cdcb069da1378da7b

  • SHA512

    d921123a819195cb30c68d5795722c43debdb7458384f2966959fed7922618735fe7105c9a61bfe60a863a907f407023c6b2a42c2ec13c6799814f938a441346

Malware Config

Extracted

Family

xorddos

C2

dns-google.org:60000

a-dns-google.com:60000

uc.twjiasu.com:8080

Targets

    Score: 9/10
    • Writes file to system bin folder

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Modifies rc script

      Adding/modifying system rc scripts is a common persistence mechanism.

    • Writes file to user bin folder

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

MITRE ATT&CK Enterprise v6

Tasks