Overview
overview
5Static
static
4var www ht...han.js
windows7-x64
1var www ht...han.js
windows10-2004-x64
1var www ht...022.js
windows7-x64
1var www ht...022.js
windows10-2004-x64
1var www ht...api.js
windows7-x64
1var www ht...api.js
windows10-2004-x64
1var www ht...h.alfa
ubuntu-18.04-amd64
5var www ht...h.alfa
debian-9-armhf
5var www ht...h.alfa
debian-9-mips
1var www ht...h.alfa
debian-9-mipsel
5var www ht...r.alfa
ubuntu-18.04-amd64
var www ht...r.alfa
debian-9-armhf
var www ht...r.alfa
debian-9-mips
var www ht...r.alfa
debian-9-mipsel
var www ht...l.alfa
ubuntu-18.04-amd64
5var www ht...l.alfa
debian-9-armhf
1var www ht...l.alfa
debian-9-mips
1var www ht...l.alfa
debian-9-mipsel
5var www ht...y.alfa
ubuntu-18.04-amd64
var www ht...y.alfa
debian-9-armhf
var www ht...y.alfa
debian-9-mips
var www ht...y.alfa
debian-9-mipsel
var www ht...han.js
windows7-x64
1var www ht...han.js
windows10-2004-x64
1var www ht...ory.js
windows7-x64
1var www ht...ory.js
windows10-2004-x64
1var www ht...a.html
windows7-x64
1var www ht...a.html
windows10-2004-x64
1var www ht...o.html
windows7-x64
1var www ht...o.html
windows10-2004-x64
1var www ht...oto.js
windows7-x64
1var www ht...oto.js
windows10-2004-x64
1Resubmissions
19-07-2023 21:16 230719-z4frlabb95 4
19-07-2023 21:13 230719-z2sndabb89 5
11-11-2022 04:56 221111-fkt1bsbcbk 5
Analysis
-
max time kernel
0s -
max time network
103s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64 arch:i386 image:ubuntu1804-amd64-en-20211208 kernel:4.15.0-161-generic locale:en-us os:ubuntu-18.04-amd64 system -
submitted
11-11-2022 04:56
Behavioral task
behavioral1
Sample
var www html kemhan/.kemhan.js
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
var www html kemhan/.kemhan.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
var www html kemhan/2022/.2022.js
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
var www html kemhan/2022/.2022.js
Resource
win10v2004-20220901-en
Behavioral task
behavioral5
Sample
var www html kemhan/alfacgiapi/.alfacgiapi.js
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
var www html kemhan/alfacgiapi/.alfacgiapi.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
var www html kemhan/alfacgiapi/bash.alfa
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral8
Sample
var www html kemhan/alfacgiapi/bash.alfa
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral9
Sample
var www html kemhan/alfacgiapi/bash.alfa
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral10
Sample
var www html kemhan/alfacgiapi/bash.alfa
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral11
Sample
var www html kemhan/alfacgiapi/getheader.alfa
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral12
Sample
var www html kemhan/alfacgiapi/getheader.alfa
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral13
Sample
var www html kemhan/alfacgiapi/getheader.alfa
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral14
Sample
var www html kemhan/alfacgiapi/getheader.alfa
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral15
Sample
var www html kemhan/alfacgiapi/perl.alfa
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral16
Sample
var www html kemhan/alfacgiapi/perl.alfa
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral17
Sample
var www html kemhan/alfacgiapi/perl.alfa
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral18
Sample
var www html kemhan/alfacgiapi/perl.alfa
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral19
Sample
var www html kemhan/alfacgiapi/py.alfa
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral20
Sample
var www html kemhan/alfacgiapi/py.alfa
Resource
debian9-armhf-en-20211208
Behavioral task
behavioral21
Sample
var www html kemhan/alfacgiapi/py.alfa
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral22
Sample
var www html kemhan/alfacgiapi/py.alfa
Resource
debian9-mipsel-en-20211208
Behavioral task
behavioral23
Sample
var www html kemhan/arti-logo-kemhan.js
Resource
win7-20220812-en
Behavioral task
behavioral24
Sample
var www html kemhan/arti-logo-kemhan.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral25
Sample
var www html kemhan/category/.category.js
Resource
win7-20220812-en
Behavioral task
behavioral26
Sample
var www html kemhan/category/.category.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral27
Sample
var www html kemhan/category/berita.html
Resource
win7-20220812-en
Behavioral task
behavioral28
Sample
var www html kemhan/category/berita.html
Resource
win10v2004-20220812-en
Behavioral task
behavioral29
Sample
var www html kemhan/category/foto.html
Resource
win7-20220812-en
Behavioral task
behavioral30
Sample
var www html kemhan/category/foto.html
Resource
win10v2004-20220812-en
Behavioral task
behavioral31
Sample
var www html kemhan/category/foto/.foto.js
Resource
win7-20220812-en
Behavioral task
behavioral32
Sample
var www html kemhan/category/foto/.foto.js
Resource
win10v2004-20220812-en
General
-
Target
var www html kemhan/alfacgiapi/bash.alfa
-
Size
1KB
-
MD5
501e2358a0f82d8289dc51958bd81beb
-
SHA1
ddbf3f121acff0c651dcea118333f610cc98b0c1
-
SHA256
1bbacae70b0e11e051783879bb63f667b4ee88b6b5676eabc7b09ea9afbc113c
-
SHA512
7e96a386e687738b404a06f54c96a690fa7c9c181969c68f4c72994a32286c33266303434c85ce117fa60ef326a626cd05fd5a1aafe653e29c972f336e284755
Malware Config
Signatures
-
Writes file to tmp directory 1 IoCs
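Malware often drops required files in the /tmp directory. Here the only listed path is /tmp/ followed by the submitted sample's own name, attributed to the bash.alfa process, and the task records 0s of kernel time; this looks like the sample's own copy rather than a dropped payload, so the signature alone is weak evidence and should be confirmed by static review of the file.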
description ioc Process /tmp/var www html kemhan/alfacgiapi/bash.alfa /tmp/var www html kemhan/alfacgiapi/bash.alfa bash.alfa