Analysis
-
max time kernel
2s -
max time network
133s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240226-en -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
10-04-2024 15:06
Behavioral task
behavioral1
Sample
fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
Resource
ubuntu1804-amd64-20240226-en
ubuntu-18.04-amd64
2 signatures
150 seconds
General
-
Target
fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
-
Size
22KB
-
MD5
aa78b0d9c6351cb664780d9203a331a9
-
SHA1
5c2aa2735f5c925fd309b41d02f29473448aea68
-
SHA256
fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
-
SHA512
3c4c6ca09c87583a405ec02478b02008548748a747cb4375aaea6b7c780dea2230bc2d5502f1d3f14c55890f34703525ee1c08f6bad41e30e52d21cd922e80fa
-
SSDEEP
384:ImdtpD0ogxSIafTZquZkBgzspIbMCfZSDFM6HlYGxhq0iFBcTjY4Uy:IYtpD0oDZ/IabDRSD2wlYgq0iFDc
Score
7/10
Malware Config
Signatures
-
Changes its process name 1 IoCs
description ioc pid Process Changes the process name, possibly in an attempt to hide itself pickup -l -t fifo -u 1580 fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a -
Creates Raw socket 1 IoCs
Creates a socket that captures raw packets at the device level
pid 1585