85c3bb78f60519055314fd2cbc9652211624cf62e12da00c14d31291ef25c5c8

Resubmissions

25/11/2023, 16:38

25/11/2023, 16:35

max time kernel
16s
max time network
181s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231026-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231026-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
25/11/2023, 16:38

Target

.rsync/a/run
Size

109B
MD5

623f15febc9933354a6a08543ae49aa3
SHA1

8b865eb9b747207160a6b5ff1aefad4fbc6fc465
SHA256

1a0391e55d19ec582410044bf2ddaaaea7cf1277d23a8d26b0443bb8e40fa672
SHA512

e1e048b28175eabef7aa5284cae83e44fba7438b72beeddc80c5e39a3b8adf03492ef90090d1fab84b509959fab4e3dd33ad66827c5759a3e9c451429c60bdc6

Score

3^/10

Writes file to tmp directory 2 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/.rsync/a/dir.dir	run
File opened for modification	/tmp/.rsync/a/bash.pid	run

/tmp/.rsync/a/bash.pid

Filesize
5B

MD5
1ddcd3ac3e6db860f810ed70997ac6a8

SHA1
6ebc9da3a1f2c0d61a6c3f336561327cd1abfd95

SHA256
898a82b86f3661dbb4f3264b83cb493f418e448e9ffcdcd2da808e9e15c93fed

SHA512
437fd472309ccf7b4777e4cbb8d4a8ac515ac2d46f9db39ded8eac7776c6cbdf62a7583530e58c66aee496edb18e0d07ee3a4163ac530a772962b561d08e5369

Download Submit
/tmp/.rsync/a/dir.dir

Filesize
14B

MD5
b3d878adcf4672bbd1f31cffac10c769

SHA1
ce5798837933ece35a7e26a0a3dc06cab19c6275

SHA256
ea5fce19c5fbbbc6c3c36eb9e8e295dfb525e9669aafaf8abe9ddb4e00e345c7

SHA512
019d21a618b3ccc70c0c7ede225cbbb704e2b448048586c44c74c81a747129da9f3f9675f2a29363af320d2684974a1ff00ac608c53de4458aeacd3ed4f9da2c

Download Submit