General
-
Target
1_noUPX
-
Size
6.1MB
-
Sample
230607-ty7egadd7y
-
MD5
f9ba8c3372fdaf67422703bbc2208640
-
SHA1
5042e58bc2e1d94912d11b11286ad6bccf0e4666
-
SHA256
8602c57b152d735fb6e44c5866cd4a837f337d5464641f55e22fd65556e41ee2
-
SHA512
d330557ff2bab35181a5b2ce550b11fc4f3dc8d38431ac26989d22b9247df955684fddf97dc11235001852b490704db3af87ed859c8a5bca3573aac66dd1018c
-
SSDEEP
98304:HtpIDtRKq6YrRYjfmUyy++++++qq++++u+uwP5R5R5VYjMYjMtpuVE8OLqjbOqw0:H+tAq65cKEpHVGZA2O7TI
Malware Config
Targets
-
-
Target
1_noUPX
-
Size
6.1MB
-
MD5
f9ba8c3372fdaf67422703bbc2208640
-
SHA1
5042e58bc2e1d94912d11b11286ad6bccf0e4666
-
SHA256
8602c57b152d735fb6e44c5866cd4a837f337d5464641f55e22fd65556e41ee2
-
SHA512
d330557ff2bab35181a5b2ce550b11fc4f3dc8d38431ac26989d22b9247df955684fddf97dc11235001852b490704db3af87ed859c8a5bca3573aac66dd1018c
-
SSDEEP
98304:HtpIDtRKq6YrRYjfmUyy++++++qq++++u+uwP5R5R5VYjMYjMtpuVE8OLqjbOqw0:H+tAq65cKEpHVGZA2O7TI
Score7/10-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-
Checks CPU configuration
Checks CPU information which indicate if the system is a virtual machine.
-
Checks hardware identifiers (DMI)
Checks DMI information which indicate if the system is a virtual machine.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads CPU attributes
-
Reads hardware information
Accesses system info like serial numbers, manufacturer names etc.
-