Analysis
-
max time kernel
0s -
max time network
131s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240611-en -
resource tags
arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system -
submitted
16-06-2024 21:32
Static task
static1
Behavioral task
behavioral1
Sample
rwwwshell.pl
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
rwwwshell.pl
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral3
Sample
rwwwshell.pl
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
rwwwshell.pl
Resource
debian9-mipsel-20240611-en
General
-
Target
rwwwshell.pl
-
Size
13KB
-
MD5
43878695a6b3028af23c072d92736616
-
SHA1
5737d114edc8b0d8fc18fc3bfe4c5629407ad263
-
SHA256
81c3c2b3e19b103ada6d293b3fd4fd19f96a17756bef16080cdf05649cd53c08
-
SHA512
6f31f34c467244a4552e98650c6f890c5c40a8c226add1f8893e6b93f393aa014daf23541b222b2c2b3d3ee43abe2115783aeafae3831eab7f4a1e9ecdb2bf7f
-
SSDEEP
192:IfLY9UJQmvjvpoaFDYVc0YkTGVSmc79qTBOc9VFzkVFLJvCVFo2N828:4hQm7vGbVMNcZql5yFLwpqP
Malware Config
Signatures
-
Changes its process name 1 IoCs
Processes:
rwwwshell.pldescription ioc pid process Changes the process name, possibly in an attempt to hide itself vi 1490 rwwwshell.pl