Analysis
-
max time kernel
0s -
max time network
125s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
07-08-2022 22:34
Static task
static1
Behavioral task
behavioral1
Sample
d6fa114772e0456c9fa550fb66ce930d
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
1 signatures
150 seconds
General
-
Target
d6fa114772e0456c9fa550fb66ce930d
-
Size
51KB
-
MD5
d6fa114772e0456c9fa550fb66ce930d
-
SHA1
8d20e5b79bee753d348dd9e11657f60931fee9fa
-
SHA256
3e9c0c9663e762a7150223cf6c43878309107b7a6d2356f3f5c9ff89d2b19107
-
SHA512
0dbd268c2f32d70260c620769cd702dcb18524a9a2f652fb291635717968aa93088dbbf2027b0ddbf97261442833590b05a1875b1715c5dddaf45f22c7377791
Score
5/10
Malware Config
Signatures
-
Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.
Processes:
mkdirmvdescription ioc /proc/582/exe /proc/582/exe /proc/filesystems /proc/filesystems mkdir /proc/filesystems /proc/filesystems mv
Processes
-
/tmp/d6fa114772e0456c9fa550fb66ce930d/tmp/d6fa114772e0456c9fa550fb66ce930d1⤵
-
/bin/shsh -c "mkdir /jol4ex2q2o/ && >/jol4ex2q2o/jol4ex2q2o && cd /jol4ex2q2o/ >/dev/null"1⤵
-
/bin/mkdirmkdir /jol4ex2q2o/2⤵
- Reads runtime system information
-
/bin/shsh -c "mv /tmp/d6fa114772e0456c9fa550fb66ce930d /jol4ex2q2o/jol4ex2q2o && chmod 777 /jol4ex2q2o/jol4ex2q2o >/dev/null"1⤵
-
/bin/mvmv /tmp/d6fa114772e0456c9fa550fb66ce930d /jol4ex2q2o/jol4ex2q2o2⤵
- Reads runtime system information
-
/bin/chmodchmod 777 /jol4ex2q2o/jol4ex2q2o2⤵