4f8d8ea9646d4e22bde910ff285f60de42280dc778202bda1dc326f5a9244f4b

Submit
Reports

Overview

overview

Static

static

0908-explo...ry.pdf

windows7-x64

0908-explo...ry.pdf

windows10-2004-x64

0908-explo...on.pdf

windows7-x64

0908-explo...on.pdf

windows10-2004-x64

0908-explo...on.pdf

windows7-x64

0908-explo...on.pdf

windows10-2004-x64

SkypeTroja...an.vbs

windows7-x64

SkypeTroja...an.vbs

windows10-2004-x64

0908-explo...ry.pdf

windows7-x64

0908-explo...ry.pdf

windows10-2004-x64

0908-explo...on.pdf

windows7-x64

0908-explo...on.pdf

windows10-2004-x64

0908-explo...ow.txt

ubuntu-18.04-amd64

0908-explo...ow.txt

debian-9-armhf

0908-explo...ow.txt

debian-9-mips

0908-explo...ow.txt

debian-9-mipsel

0908-explo...xss.js

windows7-x64

0908-explo...xss.js

windows10-2004-x64

0908-explo...sh.txt

ubuntu-18.04-amd64

0908-explo...sh.txt

debian-9-armhf

0908-explo...sh.txt

debian-9-mips

0908-explo...sh.txt

debian-9-mipsel

0908-explo...ow.txt

ubuntu-18.04-amd64

0908-explo...ow.txt

debian-9-armhf

0908-explo...ow.txt

debian-9-mips

0908-explo...ow.txt

debian-9-mipsel

0908-explo...ql.ps1

windows7-x64

0908-explo...ql.ps1

windows10-2004-x64

0908-explo...ql.txt

ubuntu-18.04-amd64

0908-explo...ql.txt

debian-9-armhf

0908-explo...ql.txt

debian-9-mips

0908-explo...ql.txt

debian-9-mipsel

Analysis

max time kernel
0s
max time network
100s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20221111-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
27/11/2022, 18:15

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf link

2 signatures

Behavioral task

behavioral1

Sample

0908-exploits/CoolPreviews_Firefox_Extension_Security_Advisory.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

0908-exploits/CoolPreviews_Firefox_Extension_Security_Advisory.pdf

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

0908-exploits/Feed_Sidebar_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

0908-exploits/Feed_Sidebar_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win10v2004-20220901-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral5

Sample

0908-exploits/ScribeFire_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

0908-exploits/ScribeFire_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral7

Sample

SkypeTrojan/SkypeTrojan.vbs

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

SkypeTrojan/SkypeTrojan.vbs

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

0908-exploits/Update_Scanner_Firefox_Extension_Security_Advisory.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

0908-exploits/Update_Scanner_Firefox_Extension_Security_Advisory.pdf

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral11

Sample

0908-exploits/WizzRSS_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

0908-exploits/WizzRSS_Firefox_Extension_Privileged_Code_Injection.pdf

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral13

Sample

0908-exploits/a2mpp-overflow.txt

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

0908-exploits/a2mpp-overflow.txt

Resource

debian9-armhf-en-20211208

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

0908-exploits/a2mpp-overflow.txt

Resource

debian9-mipsbe-20221111-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

0908-exploits/a2mpp-overflow.txt

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

0908-exploits/adobeflex-xss.js

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

0908-exploits/adobeflex-xss.js

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

0908-exploits/aio-crash.txt

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

0908-exploits/aio-crash.txt

Resource

debian9-armhf-20221111-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

0908-exploits/aio-crash.txt

Resource

debian9-mipsbe-20221111-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

0908-exploits/aio-crash.txt

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

0908-exploits/amayaw3c-overflow.txt

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

0908-exploits/amayaw3c-overflow.txt

Resource

debian9-armhf-en-20211208

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

0908-exploits/amayaw3c-overflow.txt

Resource

debian9-mipsbe-20221111-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

0908-exploits/amayaw3c-overflow.txt

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

0908-exploits/arabportal2-sql.ps1

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

0908-exploits/arabportal2-sql.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

0908-exploits/arabportal22-sql.txt

Resource

ubuntu1804-amd64-20221111-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

0908-exploits/arabportal22-sql.txt

Resource

debian9-armhf-en-20211208

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

0908-exploits/arabportal22-sql.txt

Resource

debian9-mipsbe-20221111-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

0908-exploits/arabportal22-sql.txt

Resource

debian9-mipsel-en-20211208

debian-9-mipsel

0 signatures

150 seconds

Report Analysis Logs

General

Target

0908-exploits/aio-crash.txt
Size

650B
MD5

ba29145c9a2fea971268c67b556eb4c3
SHA1

d3a40fd05778a3c62e83a41cd1a528f105fb0c18
SHA256

ee6c3d544638885b74a9b19721e792accc172ec4ebc7ddb23d2be67aa9c4c517
SHA512

f7b4672db630c6536a7e0d457f9cf9b56d73f519424413cf5b8d1acf1a1a31f278d270d1506db9ae146b37a90cc0d9bd15785c9a817e47a93a4c3de0b0e0f8a4

Score

5^/10

Malware Config

Signatures

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
/tmp/0908-exploits/aio-crash.txt	/tmp/0908-exploits/aio-crash.txt	aio-crash.txt

Processes

/tmp/0908-exploits/aio-crash.txt
/tmp/0908-exploits/aio-crash.txt
1⤵
- Writes file to tmp directory
PID:588

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads