Overview

overview

10

Static

static

10

cyber-x86

ubuntu-22.04-amd64

7

Analysis

  • max time kernel
    9s
  • max time network
    0s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
  • submitted
    11/08/2024, 01:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cyber-x86

  • Size

    61KB

  • MD5

    df62d3d53d3f634aae4a37df11acd1ed

  • SHA1

    e5af5f52fe71317deda7e266b5c1d4d1610f34da

  • SHA256

    cee25cc5b9582224d6bc20580fbfb9aecc21efbf673719d378172cb0756e5415

  • SHA512

    911c64d707198f72e72770d4f1b303235befcdcbb72bdf5fb436a06dc9f9484cb45fda47dbc1242184c3108af653fc23b7b3afa858ff0b6db23024d98960ae30

  • SSDEEP

    1536:2J5ivXfltjxvStba8IluvBhcZxb5l9CSNBODDF:2J5iXjjxvuba8I5P5ODDF

Score
7/10
evasion

Malware Config

Signatures

  • Deletes journal logs 1 TTPs 2 IoCs

    Deletes systemd journal logs. Likely to evade detection.

    evasion
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Changes its process name 1 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/cyber-x86
    /tmp/cyber-x86
    1⤵
    • Deletes journal logs
    • Modifies Watchdog functionality
    • Changes its process name
    • Reads runtime system information
    PID:1567

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads