3e9c0c9663e762a7150223cf6c43878309107b7a6d2356f3f5c9ff89d2b19107 | Triage

Analysis

max time kernel
0s
max time network
125s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
07-08-2022 22:34

Sharing

Report Analysis Logs

General

Target

d6fa114772e0456c9fa550fb66ce930d
Size

51KB
MD5

d6fa114772e0456c9fa550fb66ce930d
SHA1

8d20e5b79bee753d348dd9e11657f60931fee9fa
SHA256

3e9c0c9663e762a7150223cf6c43878309107b7a6d2356f3f5c9ff89d2b19107
SHA512

0dbd268c2f32d70260c620769cd702dcb18524a9a2f652fb291635717968aa93088dbbf2027b0ddbf97261442833590b05a1875b1715c5dddaf45f22c7377791

Score

5^/10

Malware Config

Signatures

Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.

Processes:

mkdirmv

description ioc

/proc/582/exe /proc/582/exe
/proc/filesystems /proc/filesystems mkdir
/proc/filesystems /proc/filesystems mv

/tmp/d6fa114772e0456c9fa550fb66ce930d
/tmp/d6fa114772e0456c9fa550fb66ce930d
1⤵
PID:580

/bin/sh
sh -c "mkdir /jol4ex2q2o/ && >/jol4ex2q2o/jol4ex2q2o && cd /jol4ex2q2o/ >/dev/null"
1⤵
PID:583

/bin/mkdir
mkdir /jol4ex2q2o/
2⤵
- Reads runtime system information
PID:584

/bin/sh
sh -c "mv /tmp/d6fa114772e0456c9fa550fb66ce930d /jol4ex2q2o/jol4ex2q2o && chmod 777 /jol4ex2q2o/jol4ex2q2o >/dev/null"
1⤵
PID:585

/bin/mv
mv /tmp/d6fa114772e0456c9fa550fb66ce930d /jol4ex2q2o/jol4ex2q2o
2⤵
- Reads runtime system information
PID:586

/bin/chmod
chmod 777 /jol4ex2q2o/jol4ex2q2o
2⤵
PID:587

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...