Resubmissions

08/09/2024, 09:49 UTC

240908-ltpd4aygpj 6

07/09/2024, 21:53 UTC

240907-1rsq3axcrn 3

07/09/2024, 21:50 UTC

240907-1qbq6axckp 3

07/09/2024, 21:47 UTC

240907-1nltcazblh 6

07/09/2024, 21:46 UTC

240907-1mtskazbja 3

07/09/2024, 21:44 UTC

240907-1lm9dszalh 6

07/09/2024, 21:41 UTC

240907-1jybksyhpc 8

Analysis

  • max time kernel
    34s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mips, image:debian9-mipsbe-20240611-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
  • submitted
    07/09/2024, 21:44 UTC

General

  • Target

    DDoS-Ripper Pro/DRipper.py

  • Size

    47KB

  • MD5

    836fb4703be19909e41c9b5f8db4b357

  • SHA1

    b99ef3621d34d01597c4ebeda84a08584f630068

  • SHA256

    2f8ffe7521b02a75326cbd70a1783294809fb0c6e3f6a02af72bdc86bf1d7b36

  • SHA512

    b941cfa9519f9b021bffc67499ce9552015c72dcf2511b6d5500dc495e63e028fc3de9990ef17e842e0705f338d1520ab76ddac3c674641800b6a7eafaba0bec

  • SSDEEP

    768:0H91otr8AvZxM6DoFUD6iNUTRUvbV8M3s30MoT3ECBY5jZIJZGmwKS:0HDO/6UD6iNYRQJ8Mc30plY5mJwmc

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /usr/bin/python
    python "/tmp/DDoS-Ripper Pro/DRipper.py"
    1⤵
    • Reads runtime system information
    • Writes file to tmp directory
    PID:710
    • /bin/sh
      sh -c "uname -p 2> /dev/null"
      2⤵
        PID:735
        • /bin/uname
          uname -p
          3⤵
            PID:737
