General
Target: p.x86_64-64.so
Size: 3.5MB
Sample: 220808-g1mfvsedbm
MD5: 0634a1c2c473bcf909e780304e9ba353
SHA1: ee38c52c6335136cf8270449e770415fe2f46757
SHA256: 920375ffb3d7cb9195776f4d3b375112c45188f069c7632ef5090702b7fc3c3c
SHA512: a8092b8e1e358a820ec85dc0d7bbc92768121be03630570ae5c67b0b88cdc19827c2e3ab2130878ca35836d9146fa1e7ed5684a0bba49b5c9a5227a1ef0db06e
Static task: static1
Behavioral task: behavioral1
Sample: p.x86_64-64.so
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target: p.x86_64-64.so
Score: 9/10
- Writes file to system bin folder
- Reads CPU attributes
- Reads network interface configuration: Fetches information about one or more active network interfaces.
- Enumerates kernel/hardware configuration: Reads contents of /sys virtual filesystem to enumerate system information.
- Reads runtime system information: Reads data from /proc virtual filesystem.
- Writes file to tmp directory: Malware often drops required files in the /tmp directory.