Analysis

  • max time kernel
    13080s
  • max time network
    101s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20221111-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20221111-enkernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    12-04-2023 03:36

General

  • Target

    a0949b1fd60a948b02d873e06c8f7b7d.bin

  • Size

    221KB

  • MD5

    a0949b1fd60a948b02d873e06c8f7b7d

  • SHA1

    b63f2a2483f2ea145c011d4996550c8f6e7b4430

  • SHA256

    407ab8618fed74fdb5fd374f3ed4a2fd9e8ea85631be2787e2ad17200f0462b8

  • SHA512

    8fea9c5745159a2e5438b38b881b99678511ecbe1d696ae05887b501b1b990d23988817e5665ff1720b6708286eab8607bf888cb884ba9b9be5afca146ea7110

  • SSDEEP

    6144:1hUiTpvhq1Hmnqve/yLIHIS88T5u46qhrfzrmCuLFu:1u2nq1HmWe6LSIStIq1fvJyE

Score
5/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin
    /tmp/a0949b1fd60a948b02d873e06c8f7b7d.bin
    1⤵
    • Writes file to tmp directory
    PID:607
  • /bin/sh
    /bin/sh -c /etc/selinux/configs.conf
    1⤵
      PID:609
      • /etc/selinux/configs.conf
        /etc/selinux/configs.conf
        2⤵
          PID:610
      • /bin/sh
        /bin/sh -c /var/tmp/systemd-udevd
        1⤵
          PID:612
          • /var/tmp/systemd-udevd
            /var/tmp/systemd-udevd
            2⤵
              PID:613

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads