General
-
Target
1e7ca210ff7bedeefadb15a9ec5ea68ad9022d0c6f41c4e548ec2e5927026ba4_x86
-
Size
9.3MB
-
Sample
230309-jgwarsbb65
-
MD5
ba1249d19585248cb075855e46ea6bf4
-
SHA1
957c96e0d9cecb69173ebb5201e26d065fa3a930
-
SHA256
1e7ca210ff7bedeefadb15a9ec5ea68ad9022d0c6f41c4e548ec2e5927026ba4
-
SHA512
2c7d00825a42e6bc7e58203716b02b230c2074c921dc0709180b77d815b805f1ff75782fd402834bcd72ef51d2157ca42d7e9d1b66c70a82875ae18750197b79
-
SSDEEP
98304:ssUKYzUZKDNadpngODEO0StEzc6buuLVtMv5aywH6/wfsjmZ:ssUjFDNad8BDbHMBazLB
Behavioral task
behavioral1
Sample
1e7ca210ff7bedeefadb15a9ec5ea68ad9022d0c6f41c4e548ec2e5927026ba4_x86
Resource
ubuntu1804-amd64-en-20211208
Malware Config
Targets
Target
1e7ca210ff7bedeefadb15a9ec5ea68ad9022d0c6f41c4e548ec2e5927026ba4_x86
-
Score
7/10
-
Write file to user bin folder
-
Creates .desktop file
Linux desktops like GNOME require .desktop files to register applications. Sometimes abused by malware for persistence.
-
Enumerates kernel/hardware configuration
Reads contents of /sys virtual filesystem to enumerate system information.
-
Reads runtime system information
Reads data from /proc virtual filesystem.
-
Writes file to tmp directory
Malware often drops required files in the /tmp directory.
-