Resubmissions

19-07-2023 21:16

230719-z4frlabb95 4

19-07-2023 21:13

230719-z2sndabb89 5

11-11-2022 04:56

221111-fkt1bsbcbk 5

Analysis

  • max time kernel
    0s
  • max time network
    103s
  • platform
    linux_amd64
  • resource
    ubuntu1804-amd64-en-20211208
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    11-11-2022 04:56

General

  • Target

    var www html kemhan/alfacgiapi/perl.alfa

  • Size

    542B

  • MD5

    8a3657a582ae4b798dff61233e589069

  • SHA1

    d476b323caa8be04324c59695c5a37acfa089851

  • SHA256

    f82fd317860454606003aa9dc7efde284d851424730e229f19c50d60206311b8

  • SHA512

    4795bbda4c3060926e090a9a78e0ce29bcd83d1c39ea8d5607a793da47c71776acd7ef37982c27c82ca6efe022978dc1f233d92f1f38a2e3eb4223c6237a5215

Score
5/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/var www html kemhan/alfacgiapi/perl.alfa
    "/tmp/var www html kemhan/alfacgiapi/perl.alfa"
    1⤵
    • Writes file to tmp directory
    PID:581

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads