Extracted

• • Target

    889916a6c2aacd3dd19257b514b9622b250a4b9a880fcae81a7113f43d448db8

  • Size

    611KB

  • MD5

    5c001d195a77ff8cf784d22f0e6716f9

  • SHA1

    e0456d0f6609b49a753f73e4a38fe37f5d00639d

  • SHA256

    889916a6c2aacd3dd19257b514b9622b250a4b9a880fcae81a7113f43d448db8

  • SHA512

    b7da42c9b8f345a28aa15938a6a1b927c3c27b6246debc605b5759a48217460182b4f102c43d6d84c39f0c53475175711763bfb8b7495e49c3615c0ce6f74e71

  Score

  9^/10

  persistence

  • Writes file to system bin folder

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    persistence

  • Modifies rc script

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence

  • Unexpected DNS network traffic destination

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Write file to user bin folder

  • Reads runtime system information

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory

    Malware often drops required files in the /tmp directory.

  behavioral1