Analysis

  • max time kernel
    0s
  • max time network
    102s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64 arch:i386 image:ubuntu1804-amd64-en-20211208 kernel:4.15.0-161-generic locale:en-us os:ubuntu-18.04-amd64 system
  • submitted
    08-08-2022 19:49

General

  • Target

    bot.x86_64

  • Size

    51KB

  • MD5

    d6fa114772e0456c9fa550fb66ce930d

  • SHA1

    8d20e5b79bee753d348dd9e11657f60931fee9fa

  • SHA256

    3e9c0c9663e762a7150223cf6c43878309107b7a6d2356f3f5c9ff89d2b19107

  • SHA512

    0dbd268c2f32d70260c620769cd702dcb18524a9a2f652fb291635717968aa93088dbbf2027b0ddbf97261442833590b05a1875b1715c5dddaf45f22c7377791

Score
5/10

Malware Config

Signatures

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/bot.x86_64
    /tmp/bot.x86_64
    1⤵
      PID:581
    • /bin/sh
      sh -c "mkdir /a2vj1ll5rg/ && >/a2vj1ll5rg/a2vj1ll5rg && cd /a2vj1ll5rg/ >/dev/null"
      1⤵
        PID:584
        • /bin/mkdir
          mkdir /a2vj1ll5rg/
          2⤵
          • Reads runtime system information
          PID:585
      • /bin/sh
        sh -c "mv /tmp/bot.x86_64 /a2vj1ll5rg/a2vj1ll5rg && chmod 777 /a2vj1ll5rg/a2vj1ll5rg >/dev/null"
        1⤵
          PID:586
          • /bin/mv
            mv /tmp/bot.x86_64 /a2vj1ll5rg/a2vj1ll5rg
            2⤵
            • Reads runtime system information
            PID:587
          • /bin/chmod
            chmod 777 /a2vj1ll5rg/a2vj1ll5rg
            2⤵
              PID:588

Network

MITRE ATT&CK Matrix

Downloads