Extracted

• • Target

    53a19c58ec8a57f7b74b9a6236c0292a93068c286aa4fa9424aaa5b53d6e83bb

  • Size

    611KB

  • MD5

    5a736738e547a853c533fcfdeb4dc82d

  • SHA1

    1ffc35650d431e7eb4ec31463cce666e3a26802e

  • SHA256

    53a19c58ec8a57f7b74b9a6236c0292a93068c286aa4fa9424aaa5b53d6e83bb

  • SHA512

    27bd3ecbb5ee5d0bcaffce680c20fbfaeeb6a1f4424dc1eeca28dd308a7fbf689c7a6dd7be15e8dfef67ba2d41e81edf87aebb747519676641b4438237402e54

  Score

  9^/10

  persistence

  • Writes file to system bin folder

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    persistence

  • Modifies rc script

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence

  • Unexpected DNS network traffic destination

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Write file to user bin folder

  • Reads runtime system information

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory

    Malware often drops required files in the /tmp directory.

  behavioral1