General
Target: beans
Size: 1.7MB
Sample: 220810-eynj2adbdl
MD5: 720a3a92e72054dc8d58e229c22bb892
SHA1: 07a3fb97c339a186f79c33d4de32997b2ad735d4
SHA256: e7c5b3de93a3184dc99c98c7f45e6ff5f6881b15d4a56c144e2e53e96dcc0e82
SHA512: 9a537e88a8dc4f2c24e6dc683c5c626e2dde5cf2a230bdd8759a9e3b337904bfc43bdc8b60bead85b58122703adafe978d7129fbbe9a662ad62a19066ba364a9
Static task: static1
Behavioral task: behavioral1
Sample: beans
Resource: ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target
beans
Score: 8/10

Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.

Writes DNS configuration
Writes data to DNS resolver config file.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Legitimate hosting services abused for malware hosting/C2

Enumerates kernel/hardware configuration
Reads contents of /sys virtual filesystem to enumerate system information.

Reads runtime system information
Reads data from /proc virtual filesystem.