ce27061cd0f707eed21d820be9d086fe0b313e6d93f735d4600126e3fb73dcf7

Resubmissions

08/09/2024, 09:49

240908-ltpd4aygpj 6

07/09/2024, 21:53

07/09/2024, 21:50

07/09/2024, 21:47

07/09/2024, 21:46

07/09/2024, 21:44

07/09/2024, 21:41

Analysis

max time kernel
0s
max time network
1683s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240611-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
07/09/2024, 21:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

DDoS-Ripper Pro/DRipper.py
Size

47KB
MD5

836fb4703be19909e41c9b5f8db4b357
SHA1

b99ef3621d34d01597c4ebeda84a08584f630068
SHA256

2f8ffe7521b02a75326cbd70a1783294809fb0c6e3f6a02af72bdc86bf1d7b36
SHA512

b941cfa9519f9b021bffc67499ce9552015c72dcf2511b6d5500dc495e63e028fc3de9990ef17e842e0705f338d1520ab76ddac3c674641800b6a7eafaba0bec
SSDEEP

768:0H91otr8AvZxM6DoFUD6iNUTRUvbV8M3s30MoT3ECBY5jZIJZGmwKS:0HDO/6UD6iNYRQJ8Mc30plY5mJwmc

Score

3^/10

discovery

Malware Config

Signatures

Reads runtime system information 2 IoCs

Reads data from /proc virtual filesystem.

discovery

description	ioc	Process
File opened for reading	/proc/self/status	python
File opened for reading	/proc/mounts	python

Writes file to tmp directory 1 IoCs

Malware often drops required files in the /tmp directory.

description	ioc	Process
File opened for modification	/tmp/DDoS-Ripper Pro/pytransform/__init__.pyc	python

/usr/bin/python
python "/tmp/DDoS-Ripper Pro/DRipper.py"
1⤵
- Reads runtime system information
- Writes file to tmp directory
PID:1391
- /bin/sh
  sh -c "uname -p 2> /dev/null"
  2⤵
  PID:1392
- - /usr/bin/uname
    uname -p
    3⤵
    PID:1393

Windows 7 deprecation

Loading Replay Monitor...

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads