105e32c8ef13d4d001923c1a43a8849d069fc4adebe48e5e6a9e726eb605ce31

Analysis

max time kernel
11s
max time network
481s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240221-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
15/04/2024, 16:01

Target

.rsync/a/run
Size

109B
MD5

623f15febc9933354a6a08543ae49aa3
SHA1

8b865eb9b747207160a6b5ff1aefad4fbc6fc465
SHA256

1a0391e55d19ec582410044bf2ddaaaea7cf1277d23a8d26b0443bb8e40fa672
SHA512

e1e048b28175eabef7aa5284cae83e44fba7438b72beeddc80c5e39a3b8adf03492ef90090d1fab84b509959fab4e3dd33ad66827c5759a3e9c451429c60bdc6

Score

3^/10

Writes file to tmp directory 2 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/.rsync/a/dir.dir	run
File opened for modification	/tmp/.rsync/a/bash.pid	run

/tmp/.rsync/a/bash.pid

Filesize
5B

MD5
3502b67d300d9d82f467e8e947073bf4

SHA1
8dc23557e025d35becc466b98b562207f4222b79

SHA256
ba2fcf68b9defb7eb640b7bf1fff10d22a37dc41ba83c52401187ea748d9b4aa

SHA512
17e9bcca410882101c25bde9096fa1bb436106bdf8219d224d45a6fdcad63d79feb8c8661672bb6aeaf165a0117caf17ea65a903df5a1c8609011e45d9fd427f

Download Submit
/tmp/.rsync/a/dir.dir

Filesize
14B

MD5
b3d878adcf4672bbd1f31cffac10c769

SHA1
ce5798837933ece35a7e26a0a3dc06cab19c6275

SHA256
ea5fce19c5fbbbc6c3c36eb9e8e295dfb525e9669aafaf8abe9ddb4e00e345c7

SHA512
019d21a618b3ccc70c0c7ede225cbbb704e2b448048586c44c74c81a747129da9f3f9675f2a29363af320d2684974a1ff00ac608c53de4458aeacd3ed4f9da2c

Download Submit