General

  • Target: 8193240c0f16d4a31ccc4c1759fe5fe9d27b33ea
  • Size: 611KB
  • Sample: 221219-2ejhasbd6v
  • MD5: fa80b8c30d89941da5457f3336601adf
  • SHA1: 8193240c0f16d4a31ccc4c1759fe5fe9d27b33ea
  • SHA256: 1a6b4f71e0a25f69c2923d952c31c64239cf62d6dc703d125af906d9b0ce20f2
  • SHA512: 9ff993244afc9bb223659a6043f2cfab7696f6772e594f8b630c87663b6767be713b8918fce2a146c4251ba9b20af2ee3f664ac00fa804ad52a3c703dff8df81
  • SSDEEP: 12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrr1T6yF8EEP4UlUuTh1A3:FBXmkN/+Fhu/Qo4h9L+zNN1BVEBl/91M

Malware Config

Extracted

Family: xorddos

C2 (all on TCP port 3306):

  axf6.com:3306
  www.enoan2107.com:3306
  www.gzcfr5axf6.com:3306
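All three C2 hosts use port 3306, the MySQL port, so the beacon can pass as database traffic on a casual look. The following is an added example, not part of this report or of any sandbox tooling: it parses a snapshot of /proc/net/tcp (the same /proc interface the sample itself reads, per the behaviour list below) and flags established connections from this host to a non-RFC1918 address on port 3306. The snapshot in `SAMPLE_PROC_NET_TCP` is constructed for the demonstration, and `c2_candidates`, `is_internal` and the internal-network list are this example's own names and assumptions. The three domains themselves still need to be checked in DNS or proxy logs; this parser works on addresses only.

```python
import ipaddress
import socket
import struct

C2_PORT = 3306          # port used by all three C2 hosts in the extracted config
TCP_ESTABLISHED = 0x01  # value of the 'st' column for an established socket

# Assumption for this example: RFC1918 plus loopback counts as "internal"; a DB
# server on one of these ranges is expected to be talked to on 3306.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed /proc/net/tcp snapshot (not captured from a real host). Rows:
#   0: established to 203.0.113.10:3306 (external, C2 port)   -> flagged
#   1: established to 10.0.0.20:3306    (internal DB server)  -> ignored
#   2: listening socket 0.0.0.0:3306    (local MySQL)         -> ignored
#   3: established to 198.51.100.7:443  (external, other port)-> ignored
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0500000A:BC5C 0A7100CB:0CEA 01 00000000:00000000 00:00000000 00000000     0        0 21345 1 0000000000000000 20 4 30 10 -1
   1: 0500000A:C738 1400000A:0CEA 01 00000000:00000000 00:00000000 00000000  1001        0 21346 1 0000000000000000 20 4 30 10 -1
   2: 00000000:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   112        0 18800 1 0000000000000000 100 0 0 10 0
   3: 0500000A:9C40 076433C6:01BB 01 00000000:00000000 00:00000000 00000000  1001        0 21347 1 0000000000000000 20 4 30 10 -1
"""


def decode_endpoint(field):
    """'IIIIIIII:PPPP' -> (ip, port). The IPv4 word is little-endian hex, the port big-endian hex."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the text of /proc/net/tcp into a list of connection dicts."""
    conns = []
    for line in text.splitlines()[1:]:   # first line is the column header
        f = line.split()
        if len(f) < 10:
            continue
        conns.append({
            "local": decode_endpoint(f[1]),
            "remote": decode_endpoint(f[2]),
            "state": int(f[3], 16),
            "uid": int(f[7]),      # owning uid: root is typical for XorDDoS
            "inode": int(f[9]),    # socket inode, usable to find the pid via /proc/*/fd
        })
    return conns


def is_internal(ip):
    a = ipaddress.ip_address(ip)
    return any(a in n for n in INTERNAL_NETS)


def c2_candidates(conns, port=C2_PORT):
    """Established sockets to a non-internal host on the C2 port."""
    return [c for c in conns
            if c["state"] == TCP_ESTABLISHED
            and c["remote"][1] == port
            and not is_internal(c["remote"][0])]


if __name__ == "__main__":
    # On a live host replace the sample with open("/proc/net/tcp").read()
    for c in c2_candidates(parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)):
        print("uid=%d inode=%d %s:%d -> %s:%d" % (c["uid"], c["inode"], *c["local"], *c["remote"]))
```

The inode of a flagged socket can be matched against the symlink targets in /proc/*/fd to find the owning process; on an infected host that process is usually a randomly named binary in one of the drop directories listed under Targets.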

Targets

    • Target: 8193240c0f16d4a31ccc4c1759fe5fe9d27b33ea
    • Size: 611KB
    • MD5: fa80b8c30d89941da5457f3336601adf
    • SHA1: 8193240c0f16d4a31ccc4c1759fe5fe9d27b33ea
    • SHA256: 1a6b4f71e0a25f69c2923d952c31c64239cf62d6dc703d125af906d9b0ce20f2
    • SHA512: 9ff993244afc9bb223659a6043f2cfab7696f6772e594f8b630c87663b6767be713b8918fce2a146c4251ba9b20af2ee3f664ac00fa804ad52a3c703dff8df81
    • SSDEEP: 12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrr1T6yF8EEP4UlUuTh1A3:FBXmkN/+Fhu/Qo4h9L+zNN1BVEBl/91M

    Score: 9/10

    • Writes file to system bin folder

      A copy dropped into /bin or /usr/bin sits alongside system tools and is found on PATH.

    • Creates/modifies Cron job

      Cron runs tasks on a schedule and is commonly used for malware persistence; a cron entry re-launches the binary if it is killed.

    • Modifies rc script

      Adding or modifying system rc scripts (init.d entries and rc*.d links) is a common persistence mechanism that survives reboot.

    • Writes file to user bin folder

    • Reads runtime system information

      Reads data from the /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
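A host-side triage check for the persistence artefacts the report lists, as an added example that is not part of the report or of the sandbox: it walks the cron directories, the rc.local/init.d/rc*.d locations and the bin and tmp drop directories under a given root, hashes the executables found there against the report's SHA256, and reports every cron or rc entry whose contents reference one of those executables. The fake root built by `build_demo_root` is constructed for the demonstration (the "dropped" file is a shell stub, not the sample), and the file name `dropped0123` and all function names are this example's own. On a suspect host call `sweep("/")`.

```python
import hashlib
import os
import stat
import tempfile

# SHA256 of the sample in this report (from the General section above).
REPORT_SHA256 = {"1a6b4f71e0a25f69c2923d952c31c64239cf62d6dc703d125af906d9b0ce20f2"}

# Persistence and drop locations named in the behaviour summary, relative to the root.
CRON_PATHS = ["etc/crontab", "etc/cron.d", "etc/cron.hourly", "etc/cron.daily"]
RC_PATHS = ["etc/rc.local", "etc/init.d"] + ["etc/rc%d.d" % n for n in range(7)]
DROP_DIRS = ["bin", "usr/bin", "usr/local/bin", "tmp"]   # system bin, user bin, tmp


def _entries(root, rel):
    """Files directly under root/rel (or the file itself); empty if the path is absent."""
    p = os.path.join(root, rel)
    if os.path.isdir(p) and not os.path.islink(p):
        return [os.path.join(p, n) for n in sorted(os.listdir(p))]
    return [p] if os.path.lexists(p) else []


def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def dropped_binaries(root):
    """Map each executable regular file in the drop directories to its SHA256."""
    found = {}
    for d in DROP_DIRS:
        for p in _entries(root, d):
            if os.path.islink(p) or not os.path.isfile(p):
                continue
            if os.stat(p).st_mode & stat.S_IXUSR:
                found[p] = sha256_of(p)
    return found


def persistence_entries(root, binaries):
    """Cron and rc entries whose text references one of the drop-directory executables."""
    names = ["/" + os.path.relpath(p, root) for p in binaries]
    hits = []
    for rel in CRON_PATHS + RC_PATHS:
        for p in _entries(root, rel):
            target = os.path.realpath(p)          # follow rc*.d -> init.d symlinks
            if not os.path.isfile(target):
                continue
            with open(target, "r", errors="ignore") as f:
                text = f.read()
            refs = [n for n in names if n in text]
            if refs:
                hits.append(("/" + os.path.relpath(p, root), refs))
    return hits


def sweep(root, known_hashes=REPORT_SHA256):
    binaries = dropped_binaries(root)
    return {
        "binaries": binaries,
        "known_hash_matches": [p for p, h in binaries.items() if h in known_hashes],
        "persistence": persistence_entries(root, binaries),
    }


def build_demo_root():
    """Constructed fake filesystem mimicking the report's behaviours (no real malware)."""
    root = tempfile.mkdtemp(prefix="xorddos-demo-")

    def put(rel, data, mode=0o644):
        p = os.path.join(root, rel)
        os.makedirs(os.path.dirname(p), exist_ok=True)
        with open(p, "w") as f:
            f.write(data)
        os.chmod(p, mode)

    put("usr/bin/grep", "#!/bin/sh\necho benign\n", 0o755)                 # legitimate tool
    put("usr/bin/dropped0123", "#!/bin/sh\n# stand-in for the dropped ELF\n", 0o755)
    put("tmp/notes.txt", "not executable\n")                               # ignored
    put("etc/cron.hourly/dropped0123.sh", "#!/bin/sh\n/usr/bin/dropped0123\n", 0o755)
    put("etc/init.d/dropped0123",
        "#!/bin/sh\ncase $1 in start) /usr/bin/dropped0123 ;; esac\n", 0o755)
    os.makedirs(os.path.join(root, "etc/rc3.d"))
    os.symlink("../init.d/dropped0123", os.path.join(root, "etc/rc3.d/S90dropped0123"))
    return root


if __name__ == "__main__":
    for key, value in sweep(build_demo_root()).items():
        print(key, value)
```

Hash matching only catches this exact build; the cross-reference between drop directories and cron/rc entries is what catches the next variant, since the scheme (binary in a bin directory, launcher in cron.hourly and init.d) is what persists across samples.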

MITRE ATT&CK Enterprise v6

Tasks