4c4afa30265dbbf474eb4cec202a6a434c737e8736a82b093fa024616f918f58

Analysis

max time kernel
4s
max time network
131s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20231215-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20231215-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
22-12-2023 15:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

dcb17693510ab7cefdffec59df1c5b00
Size

932B
MD5

dcb17693510ab7cefdffec59df1c5b00
SHA1

53b26fb9617fb4f1f15cdda965b953139cc44983
SHA256

4c4afa30265dbbf474eb4cec202a6a434c737e8736a82b093fa024616f918f58
SHA512

8d63c26248bfb2f54aa32287a99777e26e2a228918aeecdcd66252f4ede48de465ef35df4bac3520a26a3047c3cf04275c7461625ce313a69423c1ff7cee0327

Score

3^/10

Malware Config

Signatures

Writes file to tmp directory 20 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-bolt.service-VBlFuE	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.ssh-CTACwoY4HG5a	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/ssh-CTACwoY4HG5a	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-systemd-resolved.service-jT3nOX	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-systemd-resolved.service-jT3nOX	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-bolt.service-VBlFuE	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/snap-private-tmp	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.dcb17693510ab7cefdffec59df1c5b00	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/dcb17693510ab7cefdffec59df1c5b00	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-systemd-timedated.service-fbJb09	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-fwupd.service-5qKVG2	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-fwupd.service-5qKVG2	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.netplan_h7qookfp	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/netplan_h7qookfp	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-ModemManager.service-nh8CTx	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-ModemManager.service-nh8CTx	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.snap-private-tmp	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-systemd-timedated.service-fbJb09	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/.systemd-private-68b7dd6134244e0b925cbf715b51840a-colord.service-b1cJ4E	dcb17693510ab7cefdffec59df1c5b00
File opened for modification	/tmp/systemd-private-68b7dd6134244e0b925cbf715b51840a-colord.service-b1cJ4E	dcb17693510ab7cefdffec59df1c5b00

/tmp/dcb17693510ab7cefdffec59df1c5b00
/tmp/dcb17693510ab7cefdffec59df1c5b00
1⤵
- Writes file to tmp directory
PID:1535

/tmp/tmp/dcb17693510ab7cefdffec59df1c5b00
./tmp/dcb17693510ab7cefdffec59df1c5b00
1⤵
PID:1535

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads