General
-
Target
nyynvefzjerks
-
Size
546KB
-
Sample
230420-j9pnpaae8s
-
MD5
2a91a3170a5fd4fb3e30f3d63b9120de
-
SHA1
1a7a226833f43fdaee71cb6f84914f9a1e87de81
-
SHA256
c9bd6d01eb7258fef88ec5c9276431c1db45f063b316f83943e45b6a40a76783
-
SHA512
2d396f7fd0e661a2f15a1f0dc51341b89d9b28f6742a4bdfb7fe9115c5c7b44d9b8ac6e1c5e492f5971c2f9595f17c4154d979f7183df23d8f52ab0e24834d3f
-
SSDEEP
12288:D3P1A0+Kvdnd4Asvhc27/ao+PzENGtkZg0/CedRlZRqR6ysen:Dfm0+KlZsJc27io2zYGtk20/LdF0+8
Behavioral task
behavioral1
Sample
nyynvefzjerks
Resource
ubuntu1804-amd64-20221111-en
Malware Config
Extracted
xorddos
topbannersun.com:5993
wowapplecar.com:5993
-
crc_polynomial
CDB88320
Targets
-
-
Target
nyynvefzjerks
-
Size
546KB
-
MD5
2a91a3170a5fd4fb3e30f3d63b9120de
-
SHA1
1a7a226833f43fdaee71cb6f84914f9a1e87de81
-
SHA256
c9bd6d01eb7258fef88ec5c9276431c1db45f063b316f83943e45b6a40a76783
-
SHA512
2d396f7fd0e661a2f15a1f0dc51341b89d9b28f6742a4bdfb7fe9115c5c7b44d9b8ac6e1c5e492f5971c2f9595f17c4154d979f7183df23d8f52ab0e24834d3f
-
SSDEEP
12288:D3P1A0+Kvdnd4Asvhc27/ao+PzENGtkZg0/CedRlZRqR6ysen:Dfm0+KlZsJc27io2zYGtk20/LdF0+8
Score9/10-
Writes file to system bin folder
-
Writes file to shm directory
Malware can drop malicious files in the shm directory which will run directly from RAM.
-