General
Target
d65afdfbceb9474e00196c7368eaee5877bb5b5217d7ee08026b9fc789660001
Size
1.8MB
Sample
221127-p7drasdc7x
MD5
043e667ca2d073aecf1d0d8949c7fdab
SHA1
cf822fc3e70d5cd852df3ac650e5e8eed5557e0c
SHA256
d65afdfbceb9474e00196c7368eaee5877bb5b5217d7ee08026b9fc789660001
SHA512
4432c9bfdea5cf12893e87e93724ec8962b86da62a96ce4c04d272062fb00330759e3ede7cdb620af80636b7f2b4ab535a1bfe28380e2042f91e76c257933a70
SSDEEP
49152:PK9bJI+9NJkTRtG8lsCq2Sp5DLOSLnCk0eM:Pf+9NS9MGHqFp5d7M
Static task
static1
Behavioral task
behavioral1
Sample
xiang/1.sh
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral2
Sample
xiang/1.sh
Resource
debian9-armhf-20221111-en
Behavioral task
behavioral3
Sample
xiang/1.sh
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral4
Sample
xiang/1.sh
Resource
debian9-mipsel-20221111-en
Behavioral task
behavioral5
Sample
xiang/go.sh
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
xiang/go.sh
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
xiang/ss
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral8
Sample
xiang/ssh-scan
Resource
ubuntu1804-amd64-20221111-en
Malware Config
Targets
Target
xiang/1.sh
Size
404B
MD5
fa4f1798d03844cc950c5c0ff1ed71a7
SHA1
7b7bb83c614603989d91a77ac0405d4000a0fa75
SHA256
a5b0146024e8974f15f29c835f5d2d272a199846fa04963bb05d7e0bd14620ff
SHA512
e94e75ade995e3ed08e1fcff6a830dbb28e512091d72af14bbf19ae6b6a33381130bda2c9b38050e61fc9dcf82e25ba06fb8d8f15edd4edeb1a7c1a675a8139e
Score 5/10
Reads runtime system information
Reads data from /proc virtual filesystem.
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
Target
xiang/go.sh
Size
94B
MD5
92c4c68480e699aa012b26c82a787248
SHA1
22fabcf0079b2b4cf158e897e5a920f8eeb7692a
SHA256
d87ce8ecce44c00db9606ae2185a1ed7d9585cba50e949710daa46a32da48249
SHA512
7594211854756cf1a18584bf8ef792a8cd6f884d0941dc47d755355282ba324b2d498cce7b747e36081503412462a9d76b3a4d9a95c255888fc16a63e8833a5f
Score 3/10
Target
xiang/ss
Size
443KB
MD5
b51a52c9c82bb4401659b4c17c60f89f
SHA1
b45ae5d8d3069ee7f880dd461c931fa711b6ad3d
SHA256
97093a1ef729cb954b2a63d7ccc304b18d0243e2a77d87bbbb94741a0290d762
SHA512
600c956d612b9b59d9846d5e83c009b6bac646ef2ba763dd54126ddf2e1a2c86c70960dbc9f836e6cbd6c7296c3f1801151a1548af904c61375d096c23aa0f68
SSDEEP
6144:gIM21beIrQCxAeQmnT3V3xNNZkYgy2CZTLdUyh:NdbeIrT9QmbVDNZkMZLdUq
Score 1/10
Target
xiang/ssh-scan
Size
822KB
MD5
a213ebd69fbc11d612d0374b373f65d8
SHA1
4f64a5b07b0c128771ea21bf4aa15610fc6b071c
SHA256
93df64cc0ff902ad1e80ada56023610ec2c44c3ecde2d36d37a3a748c7fd42bd
SHA512
eb1f005984d50cfd40f26730e8206d9455c1f3560ba90338019911987d2c401e93e70c7565ac68c291a19e04d346fc01cc7b8eaa57942bbcad5d64ab543ad5a3
SSDEEP
24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4UZZ2HQ:dzG9LvDbalG04rb6oZ4EQHQ
Score 1/10