General
-
Target
0a6f71cc9f0f2e770ef9b3bbcee8ed834a9e444ad77bfeb4aa37386bade349f9
-
Size
1.5MB
-
Sample
221130-bm6dxshf9x
-
MD5
21db2c1153bdbc774781d07150ca96e5
-
SHA1
d580b1595ca87f4266d1410a0046781c4ab93e76
-
SHA256
0a6f71cc9f0f2e770ef9b3bbcee8ed834a9e444ad77bfeb4aa37386bade349f9
-
SHA512
35084fe0d76f005e524a3aa7360a04d47a9c60ca773804ffa438236fcf7c07f9441ce712485a746e72a34d99023bfbcace85352c2bb067ed68811337b99cbce2
-
SSDEEP
24576:q8dJG9L4f0TYRsbalWjFm4z33bavoZ4ZZZ2HQ2DjPDjrlJfpB13LsG5nArW:rzG9LvDbalG04rb6oZ4TQHQ2DjPDjxBh
Static task: static1
Behavioral task behavioral1: sample unix/a, resource ubuntu1804-amd64-20221111-en
Behavioral task behavioral2: sample unix/a, resource debian9-armhf-en-20211208
Behavioral task behavioral3: sample unix/a, resource debian9-mipsbe-20221111-en
Behavioral task behavioral4: sample unix/a, resource debian9-mipsel-en-20211208
Behavioral task behavioral5: sample unix/bash, resource ubuntu1804-amd64-en-20211208
Behavioral task behavioral6: sample unix/find, resource ubuntu1804-amd64-20221111-en
Behavioral task behavioral7: sample unix/pico, resource ubuntu1804-amd64-en-20211208
Behavioral task behavioral8: sample unix/rand, resource ubuntu1804-amd64-20221111-en
Behavioral task behavioral9: sample unix/rand, resource debian9-armhf-en-20211208
Behavioral task behavioral10: sample unix/rand, resource debian9-mipsbe-20221111-en
Behavioral task behavioral11: sample unix/rand, resource debian9-mipsel-20221111-en
Behavioral task behavioral12: sample unix/screen, resource ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target
unix/a
-
Size
13KB
-
MD5
2eccef291a9b30b8fb9d784e9a1451bf
-
SHA1
0e25805d1fcb0eb404b9238e7d0c097b512ead95
-
SHA256
8ea91beb9d98cf97a8ec5589ae724ba7598791333d715109236d73335054c7c5
-
SHA512
e2e327c69f0b64f6ca5abc71aeb175c0a377c2bce0a8fcd27acaddf244499a267e4d6ca78bc4c156f4ae1ae91940f552b61d74e7f8e20056d64358be04c2ea0d
-
SSDEEP
48:Yfx06OfhDuDrDFDND0DdDECDXDeBCD5D7DckDNDpDxDyfmvVVVVVVVVVVVVVVVsx:EOfhqfRJgZYCTSMVXbZ1t+ue
Score 5/10
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
Target
unix/bash
-
Size
822KB
-
MD5
6ab93eb58bec3075278a44825ea0d0e3
-
SHA1
bd11d8b6b0300eade395fc1c80145d6204f16cf7
-
SHA256
25db12bc3ce2d7b1ea6472ec31d46b80ba119d15bdbf07343d1e96e5d1a6fe54
-
SHA512
e8f9ee40e60a70057928797327df771858389286e395f9fe6dd594f0d03495c4e887b2fad2565728937af8b32b9b7ac978f95a02b860d5b626cfc7c60b7b5d76
-
SSDEEP
24576:U8dJG9L4f0TYRsbalWjFm4z33bavoZ4ZZZ2HQ:dzG9LvDbalG04rb6oZ4TQHQ
Score 1/10
Target
unix/find
-
Size
15KB
-
MD5
66e2d41b889f76b41273927bbb9125ea
-
SHA1
f3b3b1d28b57a5cc9f7bc820f9f1451b1528c141
-
SHA256
b371848c5d2bbf8c9e0f3b83078d63d40f18b112d40e81f07a93e24ebebc89a5
-
SHA512
7bdb109c0444d265433bb58d323179e5525b14e4a58bc15b9e98758389c84199e580a7d2bb6cbbcf7fb522aa5b94ea8a6914fecd84b8c2188a06582411eb1f25
-
SSDEEP
192:fNTevcg57urx+zZ48rzv9cp55liqGcWqqI/DOZPci6BNsUvF6P:fNM5GGb3UXiqGq85ca
Score 1/10
Target
unix/pico
-
Size
164KB
-
MD5
51c7f3ec60f1613aa5202f26d9248ed1
-
SHA1
835ab0aba3740fcf80fe7238ef4d089d8c5a72c1
-
SHA256
5e092470ec616d5b866aab0f1a69309b74a48567eec7a250c9a328901a21a498
-
SHA512
424071e10216836567266cda5ab18876943817e731272ca68f1b96d00e80cef90c286aa5c46fdd5d963014282f39964f46905bda2e18309d6692383e24b5b8b6
-
SSDEEP
3072:6vq0piaD1aJ3INN6QhldW6dV/T76+eRWPdrJlkODLm729xJtyv0t:6vtjDsYNJdW6dV/T76aPdrJlkOHm729b
Score 1/10
Target
unix/rand
-
Size
659B
-
MD5
6c2e9bfda34289883672f9dc300867b7
-
SHA1
567a88df29ee2e68e71f84f0160342ba8e3c12e6
-
SHA256
01a4f710b5c89890b0be94bd7899e3d28612a767018f598cdf9756f9249256a8
-
SHA512
2da35fb8aa793ddcad7f4d7307fcd5a12edf3a75e2937ee3cc1a6bc0f8c8f4213d13a7f197985201e4a01856d9707ce509b3a951ccf4c28ad154757caa5f6d7b
Score 5/10
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
Target
unix/screen
-
Size
244KB
-
MD5
cbf0f41bbbafb1c2609bedb943be3b36
-
SHA1
a240a0118739e72ff89cefa2540bf0d7da8f8a6c
-
SHA256
2413af510a75ada34716165992a425b35f62ba1478f63746502afd8a8a156b80
-
SHA512
388cdc9f027aeb2b0ca336e5e262472fa8f0782727abe1e7d53723b4c36108e8b71167c06b9e5e7fb6a91ca4c9bc38be5d509ea17645cd1d23e5685307929943
-
SSDEEP
3072:vgQ7G4bDuK/gBrcsP3a89qIW5OnApX2KnZJ5l8cZZbel8Ur5fURH59UlNmXXPqHw:vg5SSK/DsyZnpXndqWkr5sH54N2fq
Score 1/10