General
-
Target
dd7192e39a1b9bc7f81041b1af58775f649c9746ea3dca2ce2acdf4cf79a76e8
-
Size
8.2MB
-
Sample
220725-c6qcgsbch4
-
MD5
f06120e951ac7b534a04f8637ad65f82
-
SHA1
85a030f4f3ebcfd100fcb687737adf50ac23f066
-
SHA256
dd7192e39a1b9bc7f81041b1af58775f649c9746ea3dca2ce2acdf4cf79a76e8
-
SHA512
c3c41fef917f50e47900420cde9bf79c5f8872e9bece902f0e9e5dd5eede3adcb8b8abab8ceae614a176ec0df3fec5fa9c2fc0427d9175db7d14f2ab3be90676
Behavioral task
behavioral1
Sample
dd7192e39a1b9bc7f81041b1af58775f649c9746ea3dca2ce2acdf4cf79a76e8
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target
dd7192e39a1b9bc7f81041b1af58775f649c9746ea3dca2ce2acdf4cf79a76e8
-
Score
9/10
-
Attempts to identify hypervisor via CPU configuration
Checks CPU information for indicators that the system is a virtual machine.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-