Analysis
-
max time kernel
212s -
max time network
209s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20230831-en -
resource tags
-
submitted
17/09/2023, 21:03
General
-
Target
caido
-
Size
95.9MB
-
MD5
0f6c73e6b0176fb7375a2348c9b5ef20
-
SHA1
0fd582ed76284277f7a82d095b8b0d009ce3ed5b
-
SHA256
65954b0f35bcedb1a3388b4b9244a973f56b0f58815610cda19f8ba4ebe4416f
-
SHA512
011795e6e359d2d260e2c28657414f909b9e4579cf2efd987943bab9005d57bf544a8717b17b9d73fdc41aca0035fb0489a68d62d791af9d046671265923ef3c
-
SSDEEP
393216:5YgSodBrkkGX3g7nMXqUfnBNVvCk8d/r9X915hEdejqwZpusLcFSiWJxulNn+6Ud:5zFdBkgzMxPtvCk0/Rn5hy86UZ
Malware Config
Signatures
-
Changes its process name 11 IoCs
-
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
-
Reads runtime system information 3 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/caido/tmp/caido1⤵
- Checks CPU configuration
- Reads runtime system information
-
/usr/local/sbin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/usr/local/bin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/usr/sbin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/usr/bin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/sbin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/bin/xdg-openxdg-open http://127.0.0.1:8080/2⤵
-
-
/usr/local/sbin/giogio open http://127.0.0.1:8080/2⤵
-
-
/usr/local/bin/giogio open http://127.0.0.1:8080/2⤵
-
-
/usr/sbin/giogio open http://127.0.0.1:8080/2⤵
-
-
/usr/bin/giogio open http://127.0.0.1:8080/2⤵
-
-
/sbin/giogio open http://127.0.0.1:8080/2⤵
-
-
/bin/giogio open http://127.0.0.1:8080/2⤵
-
-
/usr/local/sbin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/usr/local/bin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/usr/sbin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/usr/bin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/sbin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/bin/gnome-opengnome-open http://127.0.0.1:8080/2⤵
-
-
/usr/local/sbin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
-
/usr/local/bin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
-
/usr/sbin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
-
/usr/bin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
-
/sbin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
-
/bin/kde-openkde-open http://127.0.0.1:8080/2⤵
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
44KB
MD58c2df9d851c2566d796d0194f401c2e3
SHA194e35eb53b777fc653333ac8af57fc6c7bf96725
SHA2568079ca52fc4ef452dc1d45c0499a3bed3a22ab7a7213dac47e574e552b7ac84e
SHA51261b8292cf9b39acbebfdde495a85622e1e599e7d3c4b4271ffa7969090e86c03c7adf0e151998ab837dc8ac3b91e71cd177b4cd1bc48a6e6903d747b24598f2a
-
Filesize
4KB
MD5a94c6b223792ed260f95e4ffec69cf0b
SHA1f261f5aeb13bfc656828ec47e67cd1a4f34129d3
SHA256dbd58ee1e006849320fc637d0f80699cf39190ead66429cedb863b916a332222
SHA51242c4dca8d603e864e580d307cb966c01908e37e50ae071fb77e29115eca5df0a49a21a5451de26870bdd63646a31ecab7457633635d513b3faea5b3992e0982c
-
Filesize
12KB
MD5e599e881f5c612e53a784340edd94f72
SHA1c1b4bd94ffb3292ee19b9d457f807422fd45ce2d
SHA256ed59da2e05eef4a4e29287162e0e4cb7a574496d045d5ef52891c9ce7d584453
SHA5124d5ca89bc1897203f9c04d4454cf953bacb7fbece3dd9e59dd1ea6e20f14eaf97d6d37dcc0b77c2053a3e2a6a9617b75d9b6c62368a353b83a1e24f9b2c811c6