General
-
Target
system.pub
-
Size
5.0MB
-
Sample
240223-krksfsdh8y
-
MD5
79a1b9d88ee7423d040df8f13acfce2e
-
SHA1
3916eeaa33bc68ded08ec7f93e7c930b3eea4222
-
SHA256
c14b0aa9f855639d4bebe2e1f501d63fcec39cd9b46b48944866a277eb0dcdd3
-
SHA512
e329a67725df94e91995aa8d3f7a18812c600008b1bbb35f630a36cc76af8856c22cd7d48b84eef70696ae202df8ec51b616f80962da5db111bc19a8889b48e7
-
SSDEEP
49152:FGKPMxchyyTrCXDMrTZ3+tVNfEP2KmpAP5EWOigY/zA95xwR:TMmhyyTSe3+BnwExvxa
Static task
static1
Behavioral task
behavioral1
Sample
system.pub
Resource
ubuntu1804-amd64-20240221-en
Behavioral task
behavioral2
Sample
system.pub
Resource
ubuntu2004-amd64-20240221-en
Malware Config
Targets
-
-
Target
system.pub
Score
9/10
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads EFI boot settings
Reads EFI boot settings from the efivars filesystem, may contain security secrets or sensitive data.
-
Creates/modifies environment variables
Creating/modifying environment variables is a common persistence mechanism.
-
Modifies Bash startup script
-