8ad6c31370b8587d05736523a224b948c36aa331b2befa1db451f3e1e5b9b773

Analysis

max time kernel
0s
max time network
150s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
27-09-2022 03:52

Target

57597da27f841e24ca509094bf39794e.elf
Size

22KB
MD5

57597da27f841e24ca509094bf39794e
SHA1

f80a21ab0416a15487c717d5ea259dfb72c70e7a
SHA256

8ad6c31370b8587d05736523a224b948c36aa331b2befa1db451f3e1e5b9b773
SHA512

9c981c8288e9c53a5792335a2b38a3165e9a42c0f78fc4059a1b6b3676688053392275c96829a701b8c7bafcc47c4c430386a20784f6d2d1c33f181d3ca23968
SSDEEP

384:MIKSllCn47kykykqF2Uy6EW62tHpSKlWQ3kHokW2jJNRGEWnMp0Fq+T+v1RP7P:BKolCudBh+CJSKXLF5EWnfFyP7P

Score

5^/10

Reads runtime system information 2 IoCs

Reads data from /proc virtual filesystem.

description	ioc	Process
/proc/filesystems	/proc/filesystems	mkdir
/proc/filesystems	/proc/filesystems	mv

/tmp/57597da27f841e24ca509094bf39794e.elf
/tmp/57597da27f841e24ca509094bf39794e.elf
1⤵
PID:571

/bin/sh
sh -c "rm -rf bin/busybox && mkdir bin; >bin/busybox && mv /tmp/57597da27f841e24ca509094bf39794e.elf bin/busybox; chmod 777 bin/busybox"
1⤵
PID:572
- /bin/rm
  rm -rf bin/busybox
  2⤵
  PID:573
- /bin/mkdir
  mkdir bin
  2⤵
  - Reads runtime system information
  PID:574
- /bin/mv
  mv /tmp/57597da27f841e24ca509094bf39794e.elf bin/busybox
  2⤵
  - Reads runtime system information
  PID:575
- /bin/chmod
  chmod 777 bin/busybox
  2⤵
  PID:576