Analysis
-
max time kernel
13080s -
max time network
101s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20221111-en -
resource tags
arch:amd64, arch:i386, image:ubuntu1804-amd64-20221111-en, kernel:4.15.0-161-generic, locale:en-us, os:ubuntu-18.04-amd64, system -
submitted
12-04-2023 03:36
Behavioral task
behavioral1
Sample
a0949b1fd60a948b02d873e06c8f7b7d.bin
Resource
ubuntu1804-amd64-20221111-en
ubuntu-18.04-amd64
1 signatures
150 seconds
General
-
Target
a0949b1fd60a948b02d873e06c8f7b7d.bin
-
Size
221KB
-
MD5
a0949b1fd60a948b02d873e06c8f7b7d
-
SHA1
b63f2a2483f2ea145c011d4996550c8f6e7b4430
-
SHA256
407ab8618fed74fdb5fd374f3ed4a2fd9e8ea85631be2787e2ad17200f0462b8
-
SHA512
8fea9c5745159a2e5438b38b881b99678511ecbe1d696ae05887b501b1b990d23988817e5665ff1720b6708286eab8607bf888cb884ba9b9be5afca146ea7110
-
SSDEEP
6144:1hUiTpvhq1Hmnqve/yLIHIS88T5u46qhrfzrmCuLFu:1u2nq1HmWe6LSIStIq1fvJyE
Score
5/10
Malware Config
Signatures
-
Writes file to tmp directory (1 IoCs)
Malware often drops required files in the /tmp directory.
description ioc Process /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin a0949b1fd60a948b02d873e06c8f7b7d.bin
Processes
- /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin
  Command line: /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin
  PID:607
  Writes file to tmp directory
- /bin/sh
  Command line: /bin/sh -c /etc/selinux/configs.conf
  PID:609
  - /etc/selinux/configs.conf
    Command line: /etc/selinux/configs.conf
    PID:610
- /bin/sh
  Command line: /bin/sh -c /var/tmp/systemd-udevd
  PID:612
  - /var/tmp/systemd-udevd
    Command line: /var/tmp/systemd-udevd
    PID:613