Analysis

  • max time kernel
    18s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240508-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240508-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    15-07-2024 18:36

General

  • Target

    .rsync/c/run

  • Size

    209B

  • MD5

    14d81e980c0ca2f21cfa386dbaeffc11

  • SHA1

    1736595cff66a4e29e749435d7a0a92a67c789b3

  • SHA256

    380244e59ba1b19961645d16da290b1111efc8131ae4da30fc1dde15639f2796

  • SHA512

    1e70258404880648d2a5b5b231e816bc7ed909d7a2d100d87ac85cc29b2b25ab730bef088ded84b3ac4c65705cb18ca5b0ff882446b6fe701756ac52e42c46fe

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

Processes

  • /tmp/.rsync/c/run
    /tmp/.rsync/c/run
    1⤵
    PID:1518
    • /usr/bin/wc
      wc -l
      2⤵
      PID:1523
    • /bin/grep
      grep name
      2⤵
      PID:1522
    • /bin/grep
      grep model
      2⤵
      PID:1521
    • /bin/cat
      cat /proc/cpuinfo
      2⤵
      PID:1520
      Checks CPU configuration
    • /bin/sleep
      sleep 15
      2⤵
      PID:1524
    • /tmp/.rsync/c/stop
      ./stop
      2⤵
      PID:1528
    • /bin/sleep
      sleep 3
      2⤵
      PID:1529
    • /bin/sleep
      sleep 159
      2⤵
      PID:1530

Network

MITRE ATT&CK Enterprise v15