General

  • Target

    591895fe233e81599250a02d2418493ce9c249ad03be31dd38ba6b880a30c2dc

  • Size

    647KB

  • Sample

    220724-f279aageh2

  • MD5

    f8f82cf76d78be5823b27bf92c794b80

  • SHA1

    5b3391ea0dfd9f6b4b3c58bbb2a5065d5e5beaef

  • SHA256

    591895fe233e81599250a02d2418493ce9c249ad03be31dd38ba6b880a30c2dc

  • SHA512

    3941f3cb3eb45812b2d466264ad7c6db2f2035a005e37698182135c54af6207e06a36bbe7ed6935f4c523b646c04d21f751a0988f1d9e48b9ea59dd8576747e8

Score
10/10

Malware Config

Extracted

Family

xorddos

C2

43.230.144.12:5520

192.168.1.131:3826

abcd.com:8080

Note on the extracted C2 list: 192.168.1.131 is RFC 1918 private address space and abcd.com is a generic name, so neither is actionable as a network IOC on its own; 43.230.144.12:5520 is the only publicly routable endpoint in the configuration and the one worth blocking or monitoring.
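The vetting step described above, as an added example (this editor's own code, not part of the sandbox report or of any vendor tool): it parses the three C2 strings exactly as the report lists them and sorts them into routable, private and placeholder entries before anything is promoted to a blocklist. The placeholder heuristic (generic second-level labels such as "abcd" or "example", reserved TLDs) is an assumption of this example.

```python
"""Vet sandbox-extracted C2 entries before promoting them to network IOCs.

Added example, not part of the report. C2_ENTRIES reproduces the three
strings the report lists; the classification logic is this editor's own.
"""
import ipaddress
import re

# C2 list as printed in the report.
C2_ENTRIES = [
    "43.230.144.12:5520",
    "192.168.1.131:3826",
    "abcd.com:8080",
]

_HOSTPORT = re.compile(r"^(?P<host>[^:\s]+):(?P<port>\d{1,5})$")

# Heuristic (assumption): names a config author would type as filler.
_GENERIC_LABELS = {"abcd", "example", "test", "localhost", "domain"}
_RESERVED_TLDS = {"test", "example", "invalid", "localhost", "local"}


def parse_c2(entry):
    """Split 'host:port' into (host, port); raise ValueError on malformed input."""
    m = _HOSTPORT.match(entry.strip())
    if not m:
        raise ValueError(f"not host:port: {entry!r}")
    port = int(m.group("port"))
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {entry!r}")
    return m.group("host"), port


def classify_c2(entry):
    """Return 'routable', 'private' or 'placeholder' for one C2 entry.

    'private'     - IP literal in RFC 1918, loopback, link-local, reserved or
                    multicast space: unreachable from an infected host on the
                    public internet, so a lab artifact or config filler.
    'placeholder' - hostname whose second-level label or TLD is generic/reserved.
    'routable'    - anything else; the only class worth a blocklist entry.
    """
    host, _port = parse_c2(entry)
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        if (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_reserved or ip.is_multicast):
            return "private"
        return "routable"
    labels = host.lower().rstrip(".").split(".")
    if labels[-1] in _RESERVED_TLDS:
        return "placeholder"
    if len(labels) >= 2 and labels[-2] in _GENERIC_LABELS:
        return "placeholder"
    return "routable"


def triage(entries):
    """Group entries by class so only the 'routable' ones become IOCs."""
    out = {"routable": [], "private": [], "placeholder": []}
    for e in entries:
        out[classify_c2(e)].append(e)
    return out


if __name__ == "__main__":
    for kind, items in triage(C2_ENTRIES).items():
        print(f"{kind:12s} {items}")
```

Run it against any other sandbox's C2 list by replacing C2_ENTRIES; malformed strings raise rather than silently landing in the routable bucket.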

Targets

    • Target

      591895fe233e81599250a02d2418493ce9c249ad03be31dd38ba6b880a30c2dc

    • Size

      647KB

    • MD5

      f8f82cf76d78be5823b27bf92c794b80

    • SHA1

      5b3391ea0dfd9f6b4b3c58bbb2a5065d5e5beaef

    • SHA256

      591895fe233e81599250a02d2418493ce9c249ad03be31dd38ba6b880a30c2dc

    • SHA512

      3941f3cb3eb45812b2d466264ad7c6db2f2035a005e37698182135c54af6207e06a36bbe7ed6935f4c523b646c04d21f751a0988f1d9e48b9ea59dd8576747e8

    Score
    7/10
    • Creates/modifies Cron job

      Cron runs tasks on a schedule and is a common malware persistence mechanism; new entries in /etc/crontab, /etc/cron.d or per-user crontabs should be checked.

    • Modifies rc script

      Adding or modifying system rc scripts (/etc/init.d, /etc/rc.local and the rc*.d links) is a common persistence mechanism that survives reboot.

    • Write file to user bin folder

    • Reads runtime system information

      Reads data from the /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops the files it needs into /tmp, which is world-writable and rarely monitored.
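The hunt that follows from these signatures, as an added example (this editor's own code, not part of the report or of any vendor tool): it walks a filesystem root and reports every cron entry and rc script that launches something from /tmp or /usr/bin, the two drop locations the signatures above attribute to this sample. The fixture built by demo_root() is constructed for the example and contains no real malware; the random-name heuristic (8 to 12 lowercase letters) is an assumption of this example, not a property stated by the report.

```python
"""Hunt for cron/rc persistence pointing at /tmp or /usr/bin drops.

Added example, not part of the report. hunt(root) scans the cron and rc
locations under `root` (pass '/' on a live host or a mounted image) and
returns one record per non-comment line that references a suspect path.
"""
import os
import re
import tempfile

# Locations checked, relative to the root being scanned.
CRON_FILES = ["etc/crontab"]
CRON_DIRS = ["etc/cron.d", "etc/cron.hourly", "var/spool/cron",
             "var/spool/cron/crontabs"]
RC_FILES = ["etc/rc.local"]
RC_DIRS = ["etc/init.d", "etc/rc.d"]   # rc*.d entries usually link into these

# Absolute paths under the drop directories named by the signatures above.
SUSPECT_PATH = re.compile(r"(?<![\w/])/(?:tmp|usr/bin)/[^\s;&|]+")
# Heuristic (assumption): droppers often use random all-lowercase names.
RANDOM_NAME = re.compile(r"[a-z]{8,12}")


def _iter_files(root, files, dirs):
    for f in files:
        p = os.path.join(root, f)
        if os.path.isfile(p):
            yield p
    for d in dirs:
        dp = os.path.join(root, d)
        if not os.path.isdir(dp):
            continue
        for name in sorted(os.listdir(dp)):
            p = os.path.join(dp, name)
            if os.path.isfile(p):
                yield p


def _scan_file(path, kind):
    hits = []
    try:
        with open(path, "r", errors="replace") as fh:
            for lineno, line in enumerate(fh, 1):
                s = line.strip()
                if not s or s.startswith("#"):      # skip blanks and comments
                    continue
                for m in SUSPECT_PATH.finditer(s):
                    target = m.group(0)
                    hits.append({
                        "kind": kind, "file": path, "line": lineno,
                        "target": target,
                        "random_name": RANDOM_NAME.fullmatch(
                            os.path.basename(target)) is not None,
                    })
    except OSError:
        pass
    return hits


def hunt(root="/"):
    """Return records for every cron/rc line that launches a suspect path."""
    hits = []
    for p in _iter_files(root, CRON_FILES, CRON_DIRS):
        hits.extend(_scan_file(p, "cron"))
    for p in _iter_files(root, RC_FILES, RC_DIRS):
        hits.extend(_scan_file(p, "rc"))
    return hits


def demo_root():
    """Constructed fixture: a benign cron line, a suspect cron line, an rc
    script and an rc.local entry, all under a fresh temp dir."""
    root = tempfile.mkdtemp(prefix="persist-hunt-")
    for d in CRON_DIRS + RC_DIRS:
        os.makedirs(os.path.join(root, d), exist_ok=True)
    with open(os.path.join(root, "etc/crontab"), "w") as fh:
        fh.write("# m h dom mon dow user command\n")
        fh.write("17 * * * * root cd / && run-parts --report /etc/cron.hourly\n")
        fh.write("*/3 * * * * root /usr/bin/hgrqxvckm > /dev/null 2>&1\n")
    with open(os.path.join(root, "etc/init.d/hgrqxvckm"), "w") as fh:
        fh.write("#!/bin/sh\n# chkconfig: 12345 90 90\ncase $1 in\n"
                 "start)\n/usr/bin/hgrqxvckm\n;;\nesac\n")
    with open(os.path.join(root, "etc/rc.local"), "w") as fh:
        fh.write("#!/bin/sh\n/tmp/.x/dropped &\nexit 0\n")
    return root


if __name__ == "__main__":
    for h in hunt(demo_root()):
        print(h)
```

On a real host, expect legitimate /usr/bin references in cron; the random_name flag and a diff against a known-good baseline are what separate a dropped binary from apt or logrotate.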
