Analysis
-
max time kernel
31416s -
max time network
142s -
platform
linux_amd64 -
resource
ubuntu1804-amd64-en-20211208 -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
03-12-2022 23:46
Behavioral task
behavioral1
Sample
275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
Resource
ubuntu1804-amd64-en-20211208
ubuntu-18.04-amd64
2 signatures
150 seconds
General
-
Target
275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
-
Size
84KB
-
MD5
0a35e06f53c17ab1c8e18e7e0c0821d8
-
SHA1
14fd16e6465b74c5ac4dc895f4c15bccb447af31
-
SHA256
275d63587f3ac511d7cca5ff85af2914e74d8b68edd5a7a8a1609426d5b7f6a9
-
SHA512
e15391a43ba7aa986138d38530fb77a671ec1aef18a21699700fc0a35bd122207c8f97bc6ae6989a37c4ab629ee980037530c8f1070da5594a9112a02b2589ba
-
SSDEEP
1536:cgNZiXzc9qrw4NuVRNnUOnhhWcgZOLg2e41E5vqHekyN/1H5xuM8ZcU:clcUrwtFUOnhhWcgELg2vE5vq+xN/1Zq
Score
8/10
Malware Config
Signatures
-
Writes DNS configuration 1 TTPs 1 IoCs
Writes data to DNS resolver config file.
-
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
description ioc /tmp/.llock /tmp/.llock