Resubmissions

12-06-2024 17:05

240612-vmcamasdqh 6

12-06-2024 16:56

240612-vft7vsscma 7

12-06-2024 16:50

240612-vcjxqasbna 6

12-06-2024 16:40

240612-t6wb6swank 6

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240611-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    12-06-2024 16:56

General

  • Target

    sketchyorignorant-main/21632898

  • Size

    922B

  • MD5

    4a261a62cb4179bd7f1e9963bdf464b2

  • SHA1

    da471b6d2cb05e5cc0d0506fe6dee8126f03616c

  • SHA256

    a5eed75ecc135a193f06ec0d4a9d00e71ebae3063442dcd4b8ffeadc53be59e5

  • SHA512

    ece2175d09f1a640219d4eff38f15a1643c8345b760727b7ca799c279f9998a860db0f5c3b5981791c011387d51f73dc5c315318fc34c92eae16080f0dbf8548

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/sketchyorignorant-main/21632898
    /tmp/sketchyorignorant-main/21632898
    1⤵
    • Writes file to tmp directory
    PID:1531
    • /bin/tar
      tar -xzf fio-3.29.tar.gz
      2⤵
      • Reads runtime system information
      PID:1532
    • /tmp/sketchyorignorant-main/configure
      ./configure "--extra-cflags=-O3 -fcommon"
      2⤵
        PID:1534
      • /usr/bin/make
        make -j
        2⤵
          PID:1535
        • /bin/chmod
          chmod +x fio-run
          2⤵
            PID:1536

Network

MITRE ATT&CK Matrix

Downloads

  • /tmp/sketchyorignorant-main/fio-run

    Filesize

    631B

    MD5

    9fcb46055bf473aafdeab2b7a724b892

    SHA1

    5e0ffdbb7322ad3ebe7b802ab6e5c5b7bfd5a48f

    SHA256

    1281f27038c45a897021a6a8b65d428f9d903035f32917bc8dafb92eecb45bff

    SHA512

    6e09a00e0529862ca224a9bb9d60b7048cd219e49698c254a5b7f0450186311a441253e092e6b783743451c4a6d525e39e7a3b0e5fa464d677e32c743a674d12