Overview

overview

3

Static

static

1

92a334f54c...4ccef9

ubuntu-18.04-amd64

3

92a334f54c...4ccef9

debian-9-armhf

1

92a334f54c...4ccef9

debian-9-mips

3

92a334f54c...4ccef9

debian-9-mipsel

3

Analysis

  • max time kernel
    2s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231222-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231222-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    22/12/2023, 12:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    92a334f54cf6f2ea67c3ac2c134ccef9

  • Size

    193B

  • MD5

    92a334f54cf6f2ea67c3ac2c134ccef9

  • SHA1

    69ff5695b6a4a5fba17903b7c10d248910e94c2c

  • SHA256

    09fb4b69bccfeaa6964e898ced7d5b982848b05a28f84429b8f1cdf671af810b

  • SHA512

    0326f3f8b5c2ce1870f318bcc56ea3b92460fe40e511974ac1f4e0a91a7cf9c74c5ea99bc511216f9ebf9d8e7472b5460263a3ba8f63e76607f59c271708e67a

Score
3/10

Malware Config

Signatures

  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/92a334f54cf6f2ea67c3ac2c134ccef9
    /tmp/92a334f54cf6f2ea67c3ac2c134ccef9
    1⤵
      PID:1555
      • /sbin/insmod
        insmod adore.o
        2⤵
        • Reads runtime system information
        PID:1556
      • /sbin/insmod
        insmod cleaner.o
        2⤵
        • Reads runtime system information
        PID:1557
      • /sbin/rmmod
        rmmod cleaner
        2⤵
        • Enumerates kernel/hardware configuration
        • Reads runtime system information
        PID:1558

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads