General
-
Target
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
-
Size
70KB
-
Sample
221129-a47gwadh97
-
MD5
013158b4ae1c35f94a1603dc8dff2851
-
SHA1
3b1b78e783b4b28398ce091a003edec5682c1602
-
SHA256
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
-
SHA512
562f890419a67d7443fb34634e4408a0d57741e1d2379b5bbb3fa7e2e804d6e2c6d551c28b8e6fe4e12ddae13bea61b2d6c419d865d9aec138b7e97ca434c9a2
-
SSDEEP
1536:o8ItQU5WSItwjAZXDE7GueD065cLuyidMdduh28:o/Q5SItwjAZXDE7GueD065QuyP+28
Static task
static1
Behavioral task
behavioral1
Sample
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
Resource
ubuntu1804-amd64-en-20211208
Behavioral task
behavioral2
Sample
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
Resource
debian9-armhf-20221111-en
Behavioral task
behavioral3
Sample
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
Resource
debian9-mipsbe-en-20211208
Behavioral task
behavioral4
Sample
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
Resource
debian9-mipsel-20221111-en
Malware Config
Targets
-
-
Target
4abf780890f5f6955991fc1278c6eb01a0f0b2d9be60bec591b71a5cf4738040
Score
8/10
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Writes DNS configuration
Writes data to DNS resolver config file.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-