General
- Target: task3.bin
- Size: 4.7MB
- Sample: 230411-r2354sda68
- MD5: bd212fcdf3138b5c1dd890098f16f51e
- SHA1: a85e4c8c2afa4da357d2209535c4140bd9809617
- SHA256: 1e9162cd0941557304a6a097dfaadf59f90bc8bbaa9879afe67b5ce0d1514be8
- SHA512: 4efb515e36e1ee089480c66bb2da1ab26bbc7269defccdb5e6b5b4860c1de3f6f9ffea780569abcaed4baf274ba2ee08ae551e319685eb3a75c243b6c50fb67e
- SSDEEP: 98304:8dMmjmYaZG4LgL6Db9D3v6vuWXyOqXfv1DPq2WPSKBDRlaolepWp:/8DGgL6D93M3VqXfEDBepWp
Static task: static1
Behavioral task: behavioral1
Sample: task3.bin
Resource: ubuntu1804-amd64-20221111-en
Malware Config
Targets
- Target: task3.bin
- Score: 9/10
- Writes file to system bin folder
- Writes DNS configuration: Writes data to DNS resolver config file.
- Creates/modifies Cron job: Cron allows running tasks on a schedule, and is commonly used for malware persistence.
- Reads network interface configuration: Fetches information about one or more active network interfaces.
- Reads system network configuration: Uses contents of /proc filesystem to enumerate network settings.
- Enumerates kernel/hardware configuration: Reads contents of /sys virtual filesystem to enumerate system information.
- Reads runtime system information: Reads data from /proc virtual filesystem.
- Writes file to tmp directory: Malware often drops required files in the /tmp directory.