498828c14a6fe77ea57c332522b45822403c018accd304ae2b5bc663b3157742

Analysis

max time kernel
154s
max time network
143s
platform
linux_amd64
resource
ubuntu1804-amd64-en-20211208
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-en-20211208kernel:4.15.0-161-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
28-08-2023 01:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6219aed75ee542fbaf803fb4e8c8e8ce.bin
Size

129KB
MD5

6219aed75ee542fbaf803fb4e8c8e8ce
SHA1

95871ef1e8796e40bda2379daf5ffeeef7298760
SHA256

498828c14a6fe77ea57c332522b45822403c018accd304ae2b5bc663b3157742
SHA512

e6f9e00755d9f4497f1ad3ce3a2f403e00470a210f585f0bb76ab4d8d89f6d9c2e566c3316e3531e6bd7e5e5b223ff2dd80bc74bf2f38fce8034449eb0e346cd
SSDEEP

3072:3UX5YWaDw/C1Ou+cbN/Aei5ZaogzY0oYz2I/bnjq6Mv:kpYWaDwi4qrfiv

Score

7^/10

Malware Config

Signatures

Changes its process name 1 IoCs

description	ioc	pid	Process
Changes the process name, possibly in an attempt to hide itself	a- M}!	575	6219aed75ee542fbaf803fb4e8c8e8ce.bin

Enumerates running processes
Discovers information about currently running processes on the system

Reads runtime system information 64 IoCs

Reads data from /proc virtual filesystem.

description	ioc
File opened for reading	/proc/6/cmdline
File opened for reading	/proc/16/cmdline
File opened for reading	/proc/84/cmdline
File opened for reading	/proc/162/cmdline
File opened for reading	/proc/577/cmdline
File opened for reading	/proc/8/cmdline
File opened for reading	/proc/9/cmdline
File opened for reading	/proc/30/cmdline
File opened for reading	/proc/78/cmdline
File opened for reading	/proc/80/cmdline
File opened for reading	/proc/332/cmdline
File opened for reading	/proc/347/cmdline
File opened for reading	/proc/391/cmdline
File opened for reading	/proc/2/cmdline
File opened for reading	/proc/7/cmdline
File opened for reading	/proc/115/cmdline
File opened for reading	/proc/127/cmdline
File opened for reading	/proc/155/cmdline
File opened for reading	/proc/163/cmdline
File opened for reading	/proc/572/cmdline
File opened for reading	/proc/165/cmdline
File opened for reading	/proc/170/cmdline
File opened for reading	/proc/4/cmdline
File opened for reading	/proc/12/cmdline
File opened for reading	/proc/27/cmdline
File opened for reading	/proc/36/cmdline
File opened for reading	/proc/81/cmdline
File opened for reading	/proc/85/cmdline
File opened for reading	/proc/541/cmdline
File opened for reading	/proc/570/cmdline
File opened for reading	/proc/22/cmdline
File opened for reading	/proc/157/cmdline
File opened for reading	/proc/168/cmdline
File opened for reading	/proc/192/cmdline
File opened for reading	/proc/342/cmdline
File opened for reading	/proc/349/cmdline
File opened for reading	/proc/5/cmdline
File opened for reading	/proc/10/cmdline
File opened for reading	/proc/21/cmdline
File opened for reading	/proc/98/cmdline
File opened for reading	/proc/576/cmdline
File opened for reading	/proc/578/cmdline
File opened for reading	/proc/156/cmdline
File opened for reading	/proc/238/cmdline
File opened for reading	/proc/252/cmdline
File opened for reading	/proc/334/cmdline
File opened for reading	/proc/15/cmdline
File opened for reading	/proc/23/cmdline
File opened for reading	/proc/26/cmdline
File opened for reading	/proc/159/cmdline
File opened for reading	/proc/161/cmdline
File opened for reading	/proc/169/cmdline
File opened for reading	/proc/309/cmdline
File opened for reading	/proc/393/cmdline
File opened for reading	/proc/394/cmdline
File opened for reading	/proc/370/cmdline
File opened for reading	/proc/1/cmdline
File opened for reading	/proc/14/cmdline
File opened for reading	/proc/20/cmdline
File opened for reading	/proc/153/cmdline
File opened for reading	/proc/251/cmdline
File opened for reading	/proc/356/cmdline
File opened for reading	/proc/11/cmdline
File opened for reading	/proc/32/cmdline

/tmp/6219aed75ee542fbaf803fb4e8c8e8ce.bin
/tmp/6219aed75ee542fbaf803fb4e8c8e8ce.bin
1⤵
- Changes its process name
PID:575

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads