Analysis

  • max time kernel
    155s
  • max time network
    159s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20231215-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    22-12-2023 13:03

General

  • Target

    968f1af151eb6c342cc64d3e4de38f1c

  • Size

    1.3MB

  • MD5

    968f1af151eb6c342cc64d3e4de38f1c

  • SHA1

    4d6d62bcbc5b0799c64bd14fd92bce45c02b01f5

  • SHA256

    6024030271512627b779c2ef924bb4f908705027a7c588a217e41775640b5081

  • SHA512

    6b9883411eff2e06ad6fb51f748c641992dc45220feffaea91f34a2ef3066ae3e4ef8c2aa736f83ed8aa7c4532f9a5ad7e65178d5f6b0a14daa1765d98ff6bbd

  • SSDEEP

    24576:fAg0g+3YAqKbwt6Mleiv8x7HBruOmjqD0rV8T5KWs2/wOLg6Yvz1VVbBHpusVmMS:og01IAqHtZleikDuOGqYrVy5Kd2/zJYw

Score
6/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

  • Reads system network configuration 1 TTPs 2 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/968f1af151eb6c342cc64d3e4de38f1c
    /tmp/968f1af151eb6c342cc64d3e4de38f1c
    1⤵
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1576

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads