Overview
overview
6Static
static
1test.zip
windows7-x64
1test.zip
windows10-2004-x64
1test/bin/ipcs
ubuntu-18.04-amd64
1test/bin/iplink
ubuntu-18.04-amd64
1test/bin/ipneigh
ubuntu-18.04-amd64
4test/bin/iproute
ubuntu-20.04-amd64
1test/bin/iprule
ubuntu-18.04-amd64
1test/bin/iptunnel
ubuntu-18.04-amd64
4test/bin/kbd_mode
ubuntu-18.04-amd64
1test/bin/kill
ubuntu-20.04-amd64
1test/bin/killall
ubuntu-20.04-amd64
1test/bin/killall5
ubuntu-18.04-amd64
test/bin/klogd
ubuntu-18.04-amd64
1test/bin/last
ubuntu-20.04-amd64
1test/bin/less
ubuntu-18.04-amd64
1test/bin/link
ubuntu-20.04-amd64
1test/bin/linux32
ubuntu-18.04-amd64
1test/bin/linux64
ubuntu-18.04-amd64
1test/bin/linuxrc
ubuntu-18.04-amd64
3test/bin/ln
ubuntu-18.04-amd64
1test/bin/loadfont
ubuntu-20.04-amd64
1test/bin/loadkmap
ubuntu-20.04-amd64
1test/bin/logger
ubuntu-18.04-amd64
1test/bin/login
ubuntu-20.04-amd64
1test/bin/logname
ubuntu-18.04-amd64
1test/bin/logread
ubuntu-18.04-amd64
1test/bin/losetup
ubuntu-18.04-amd64
1test/bin/lpd
ubuntu-18.04-amd64
1test/bin/lpq
ubuntu-18.04-amd64
1test/bin/lpr
ubuntu-18.04-amd64
1test/bin/ls
ubuntu-18.04-amd64
1test/bin/lsattr
ubuntu-18.04-amd64
1Resubmissions
21-02-2024 21:33
240221-1ebl1sff21 121-02-2024 21:21
240221-z7ptnsfd7t 321-02-2024 21:11
240221-z1lhnsfh42 621-02-2024 20:59
240221-zs7qyafc41 621-02-2024 20:49
240221-zl1n2sfb6y 321-02-2024 20:37
240221-zefqasfe76 621-02-2024 20:24
240221-y65m3aeh3v 621-02-2024 20:10
240221-yxsl5sfc47 621-02-2024 19:59
240221-yqk9gsef4y 621-02-2024 19:43
240221-ye7ncaeh25 6Analysis
-
max time kernel
3s -
max time network
5s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240221-en -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-20240221-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
21-02-2024 19:59
Static task
static1
Behavioral task
behavioral1
Sample
test.zip
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
test.zip
Resource
win10v2004-20240221-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
test/bin/ipcs
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral4
Sample
test/bin/iplink
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral5
Sample
test/bin/ipneigh
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral6
Sample
test/bin/iproute
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral7
Sample
test/bin/iprule
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral8
Sample
test/bin/iptunnel
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral9
Sample
test/bin/kbd_mode
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral10
Sample
test/bin/kill
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral11
Sample
test/bin/killall
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral12
Sample
test/bin/killall5
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral13
Sample
test/bin/klogd
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral14
Sample
test/bin/last
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral15
Sample
test/bin/less
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral16
Sample
test/bin/link
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral17
Sample
test/bin/linux32
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral18
Sample
test/bin/linux64
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral19
Sample
test/bin/linuxrc
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral20
Sample
test/bin/ln
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral21
Sample
test/bin/loadfont
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral22
Sample
test/bin/loadkmap
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral23
Sample
test/bin/logger
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral24
Sample
test/bin/login
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
Behavioral task
behavioral25
Sample
test/bin/logname
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral26
Sample
test/bin/logread
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral27
Sample
test/bin/losetup
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral28
Sample
test/bin/lpd
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral29
Sample
test/bin/lpq
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral30
Sample
test/bin/lpr
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral31
Sample
test/bin/ls
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Behavioral task
behavioral32
Sample
test/bin/lsattr
Resource
ubuntu1804-amd64-20240221-en
ubuntu-18.04-amd64
Errors
General
-
Target
test/bin/killall5
-
Size
1.1MB
-
MD5
991461b86aebecfd096dc11ff2a04b4b
-
SHA1
dc5074340d4631bbf89adc122e8f1a3ca8d87564
-
SHA256
dcd9a5af1c6297ed1a66c851efa305000335d8ade068ba515125a6612f1d5300
-
SHA512
8692fb03afbb9601444911167f579c23dfece59d04816b18591f7eb712572f63ce7b12e42dcc02f0e67110208f31f44501708f4b8d0fd8f20be6f1ea3bc0f3a5
-
SSDEEP
24576:qpLODejvoXyo2dIfScaxJZ7+0T8eaj+I++lZq49k77i:kLODe0XgdI83ak4/9k7u
Malware Config
Signatures
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads runtime system information 64 IoCs
Reads data from /proc virtual filesystem.
description ioc Process File opened for reading /proc/8/stat killall5 File opened for reading /proc/81/stat killall5 File opened for reading /proc/467/stat killall5 File opened for reading /proc/481/stat killall5 File opened for reading /proc/974/stat killall5 File opened for reading /proc/1155/stat killall5 File opened for reading /proc/1190/stat killall5 File opened for reading /proc/19/stat killall5 File opened for reading /proc/479/stat killall5 File opened for reading /proc/507/stat killall5 File opened for reading /proc/1472/stat killall5 File opened for reading /proc/21/stat killall5 File opened for reading /proc/171/stat killall5 File opened for reading /proc/474/stat killall5 File opened for reading /proc/1151/stat killall5 File opened for reading /proc/78/stat killall5 File opened for reading /proc/546/stat killall5 File opened for reading /proc/982/stat killall5 File opened for reading /proc/1317/stat killall5 File opened for reading /proc/34/stat killall5 File opened for reading /proc/1194/stat killall5 File opened for reading /proc/1342/stat killall5 File opened for reading /proc/1564/stat killall5 File opened for reading /proc/1557/stat killall5 File opened for reading /proc/35/stat killall5 File opened for reading /proc/488/stat killall5 File opened for reading /proc/623/stat killall5 File opened for reading /proc/659/stat killall5 File opened for reading /proc/681/stat killall5 File opened for reading /proc/1037/stat killall5 File opened for reading /proc/1056/stat killall5 File opened for reading /proc/1393/stat killall5 File opened for reading /proc/13/stat killall5 File opened for reading /proc/27/stat killall5 File opened for reading /proc/326/stat killall5 File opened for reading /proc/482/stat killall5 File opened for reading /proc/666/stat killall5 File opened for reading /proc/1142/stat killall5 File opened for reading /proc/1209/stat killall5 File opened for reading /proc/3/stat killall5 File opened for reading /proc/16/stat killall5 File opened for reading /proc/170/stat killall5 File opened for reading /proc/184/stat killall5 File opened for reading /proc/1123/stat killall5 File opened for reading /proc/10/stat killall5 File opened for reading /proc/178/stat killall5 File opened for reading /proc/426/stat killall5 File opened for reading /proc/545/stat killall5 File opened for reading /proc/686/stat killall5 File opened for reading /proc/80/stat killall5 File opened for reading /proc/738/stat killall5 File opened for reading /proc/1086/stat killall5 File opened for reading /proc/7/stat killall5 File opened for reading /proc/25/stat killall5 File opened for reading /proc/214/stat killall5 File opened for reading /proc/1168/stat killall5 File opened for reading /proc/1215/stat killall5 File opened for reading /proc/1539/stat killall5 File opened for reading /proc/20/stat killall5 File opened for reading /proc/215/stat killall5 File opened for reading /proc/566/stat killall5 File opened for reading /proc/622/stat killall5 File opened for reading /proc/1147/stat killall5 File opened for reading /proc/1189/stat killall5