c0653f3663ee80d8ef29bf606aca6338f566109ba1ca67a545e15e7d44b3ead6

Analysis

max time kernel
1s
platform
debian-9_armhf
resource
debian9-armhf-20231222-en
resource tags

arch:armhfimage:debian9-armhf-20231222-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
22-12-2023 15:50

Target

.psy/config
Size

141B
MD5

f4456b3228dfab92695cc95cff7a3c99
SHA1

20d5f3b7475007dbbbba2fbf7c829f262377eb36
SHA256

bd49bbc8f4137547ba4172b151558779daa19600f74f389ed1fe315ae026211f
SHA512

4eb4ea098aa14ff25b9fd7c2f0416c1152303555ef79d8d2da5ba4c4428b62bca527fb181f5e23963f525fd0aa5de461b634950ddc0aca903692fc5dc43d6d97

Score

3^/10

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/.psy/ssstt	config

/tmp/.psy/ssstt

Filesize
21B

MD5
b8ae366c0bb49b918d15b6eadba9d3d3

SHA1
bbb5d8a081359fc0ac0d9aea1513718134586683

SHA256
44fd9a8be6e26f1b8ac4e56de900252a13f62f8ea6e395570bbd17101ac22849

SHA512
54aa64b244ad9ce075e05b53c281274944158a70de39a6a1b26bd5910eba11cf30cf9e58ce701011dc57ca54e5de7fdb37c030e64db9ccf91a6ae67012defe1e

Download Submit
/tmp/.psy/ssstt

Filesize
43B

MD5
aaecb9040a19da0aa29514c1ab3406fb

SHA1
411997995cea55aedff8f475a285d4d19ce8a0d7

SHA256
b05c43a2a6ba3fe0a1ece92927f965fe82a9d9f1eeb698bf248c963e87c47d71

SHA512
e5fdb6b0953fcf64f8412f3baf1d56edc041d1e278bd556ebd4aed946417e88706994b6e9ff6fcc608d6ffea6cbf8b48e5960ac8a4b931423d10a3be45d64600

Download Submit
/tmp/.psy/ssstt

Filesize
72B

MD5
af6a1fa5b095ef4690c3c285fd377ffd

SHA1
75374bfebbb16a4710bdb3f7add4d991d6b5c403

SHA256
217d496355143bd64ae99472442da8ff6dadcc8dec7e619e1f39a598e3b72ab8

SHA512
60bcb7ca83f5a167c61cab3a43cce959e91d40a791ed710737c75ade57c97fef0b6bc212b74e98bdae9e73ba6a22dcb759db097de87074063e03ae87c119c244

Download Submit