Analysis
-
max time kernel
0s -
max time network
102s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
08-08-2022 19:49
Static task
static1
Behavioral task
behavioral1
Sample
bot.x86_64
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
1 signatures
150 seconds
General
-
Target
bot.x86_64
-
Size
51KB
-
MD5
d6fa114772e0456c9fa550fb66ce930d
-
SHA1
8d20e5b79bee753d348dd9e11657f60931fee9fa
-
SHA256
3e9c0c9663e762a7150223cf6c43878309107b7a6d2356f3f5c9ff89d2b19107
-
SHA512
0dbd268c2f32d70260c620769cd702dcb18524a9a2f652fb291635717968aa93088dbbf2027b0ddbf97261442833590b05a1875b1715c5dddaf45f22c7377791
Score
5/10
Malware Config
Signatures
-
Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.
Processes:
mvmkdirdescription ioc process /proc/filesystems /proc/filesystems mv /proc/583/exe /proc/583/exe /proc/filesystems /proc/filesystems mkdir
Processes
-
/tmp/bot.x86_64/tmp/bot.x86_641⤵
-
/bin/shsh -c "mkdir /a2vj1ll5rg/ && >/a2vj1ll5rg/a2vj1ll5rg && cd /a2vj1ll5rg/ >/dev/null"1⤵
-
/bin/mkdirmkdir /a2vj1ll5rg/2⤵
- Reads runtime system information
-
/bin/shsh -c "mv /tmp/bot.x86_64 /a2vj1ll5rg/a2vj1ll5rg && chmod 777 /a2vj1ll5rg/a2vj1ll5rg >/dev/null"1⤵
-
/bin/mvmv /tmp/bot.x86_64 /a2vj1ll5rg/a2vj1ll5rg2⤵
- Reads runtime system information
-
/bin/chmodchmod 777 /a2vj1ll5rg/a2vj1ll5rg2⤵