6ac3754ed57f4286681295abf6f23d0ccc535f7fcdb49ec74d746f521cde1990

Analysis

max time kernel
0s
max time network
103s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
18-08-2022 11:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

skid.x86_64-20220818-1128
Size

69KB
MD5

e9adcff07098778702315e9450e0d8c5
SHA1

8dfe947c98b3fae9a1cb8130eff7aff00dc51fe7
SHA256

6ac3754ed57f4286681295abf6f23d0ccc535f7fcdb49ec74d746f521cde1990
SHA512

3a2483047857f93292090fae36419b1d5845b8ae3fa3d67334668c8c57910bcb9618630e949087c4b70e1ece7359631d1c17d9300805117d73f68752106d6fce

Score

5^/10

Malware Config

Signatures

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

Processes:

description	ioc
/proc/364/maps	/proc/364/maps
/proc/	/proc/
/proc/12/maps	/proc/12/maps
/proc/79/maps	/proc/79/maps
/proc/115/maps	/proc/115/maps
/proc/155/maps	/proc/155/maps
/proc/168/maps	/proc/168/maps
/proc/14/maps	/proc/14/maps
/proc/17/maps	/proc/17/maps
/proc/84/maps	/proc/84/maps
/proc/192/maps	/proc/192/maps
/proc/16/maps	/proc/16/maps
/proc/18/maps	/proc/18/maps
/proc/19/maps	/proc/19/maps
/proc/89/maps	/proc/89/maps
/proc/163/maps	/proc/163/maps
/proc/7/maps	/proc/7/maps
/proc/20/maps	/proc/20/maps
/proc/27/maps	/proc/27/maps
/proc/36/maps	/proc/36/maps
/proc/80/maps	/proc/80/maps
/proc/379/maps	/proc/379/maps
/proc/372/maps	/proc/372/maps
/proc/574/maps	/proc/574/maps
/proc/9/maps	/proc/9/maps
/proc/25/maps	/proc/25/maps
/proc/32/maps	/proc/32/maps
/proc/98/maps	/proc/98/maps
/proc/154/maps	/proc/154/maps
/proc/221/maps	/proc/221/maps
/proc/157/maps	/proc/157/maps
/proc/158/maps	/proc/158/maps
/proc/3/maps	/proc/3/maps
/proc/21/maps	/proc/21/maps
/proc/22/maps	/proc/22/maps
/proc/24/maps	/proc/24/maps
/proc/29/maps	/proc/29/maps
/proc/130/maps	/proc/130/maps
/proc/361/maps	/proc/361/maps
/proc/584/maps	/proc/584/maps
/proc/23/maps	/proc/23/maps
/proc/169/maps	/proc/169/maps
/proc/345/maps	/proc/345/maps
/proc/417/maps	/proc/417/maps
/proc/583/maps	/proc/583/maps
/proc/filesystems	/proc/filesystems	mv
/proc/28/maps	/proc/28/maps
/proc/30/maps	/proc/30/maps
/proc/78/maps	/proc/78/maps
/proc/83/maps	/proc/83/maps
/proc/352/maps	/proc/352/maps
/proc/579/maps	/proc/579/maps
/proc/5/maps	/proc/5/maps
/proc/156/maps	/proc/156/maps
/proc/159/maps	/proc/159/maps
/proc/287/maps	/proc/287/maps
/proc/451/maps	/proc/451/maps
/proc/453/maps	/proc/453/maps
/proc/590/maps	/proc/590/maps
/proc/4/maps	/proc/4/maps
/proc/8/maps	/proc/8/maps
/proc/10/maps	/proc/10/maps
/proc/11/maps	/proc/11/maps
/proc/26/maps	/proc/26/maps

/tmp/skid.x86_64-20220818-1128
/tmp/skid.x86_64-20220818-1128
1⤵
PID:581

/bin/sh
sh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/skid.x86_64-20220818-1128 bin/busybox; chmod 777 bin/busybox"
1⤵
PID:583

/bin/rm
rm -rf bin/busybox
2⤵
PID:584

/bin/mkdir
mkdir bin
2⤵
PID:585

/bin/mv
mv /tmp/skid.x86_64-20220818-1128 bin/busybox
2⤵
- Reads runtime system information
PID:586

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads