Overview

overview

7

Static

static

3

UnrealIRCD...SE.vbs

windows7-x64

1

UnrealIRCD...SE.vbs

windows10-2004-x64

1

UnrealIRCD...rt.vbs

windows7-x64

1

UnrealIRCD...rt.vbs

windows10-2004-x64

1

UnrealIRCD...es.vbs

windows7-x64

1

UnrealIRCD...es.vbs

windows10-2004-x64

1

UnrealIRCD...Config

ubuntu-18.04-amd64

3

UnrealIRCD...Config

debian-9-armhf

3

UnrealIRCD...Config

debian-9-mips

3

UnrealIRCD...Config

debian-9-mipsel

3

UnrealIRCD...re.vbs

windows7-x64

1

UnrealIRCD...re.vbs

windows10-2004-x64

1

UnrealIRCD...nstall

ubuntu-18.04-amd64

1

UnrealIRCD...nstall

debian-9-armhf

1

UnrealIRCD...nstall

debian-9-mips

1

UnrealIRCD...nstall

debian-9-mipsel

1

UnrealIRCD...figure

ubuntu-18.04-amd64

7

UnrealIRCD...figure

debian-9-armhf

7

UnrealIRCD...figure

debian-9-mips

7

UnrealIRCD...figure

debian-9-mipsel

7

UnrealIRCD...lp.vbs

windows7-x64

1

UnrealIRCD...lp.vbs

windows10-2004-x64

1

UnrealIRCD...chk.in

ubuntu-18.04-amd64

1

UnrealIRCD...chk.in

debian-9-armhf

1

UnrealIRCD...chk.in

debian-9-mips

1

UnrealIRCD...chk.in

debian-9-mipsel

1

UnrealIRCD...dulize

ubuntu-18.04-amd64

3

UnrealIRCD...dulize

debian-9-armhf

3

UnrealIRCD...dulize

debian-9-mips

3

UnrealIRCD...dulize

debian-9-mipsel

3

UnrealIRCD...ns.vbs

windows7-x64

1

UnrealIRCD...ns.vbs

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    03-10-2024 03:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UnrealIRCD_1_.priv.ClearScreen/Unreal/Config

  • Size

    13KB

  • MD5

    657e46a8fa16cf20e39a538ccc32bf51

  • SHA1

    d0e3078b31c2a163623076cac6f16abeff38fcf7

  • SHA256

    c916150569a821c9654d81c8ed213f9a96bb7c610327e3a9d8d5bcb7891faff8

  • SHA512

    17a01844d6c5b45f2a72f21386fc9ec59a3683db5807bf4128cdcb203306ad0390ce6d3de47ee647c76402f1c229ed0d5d33f9ec4369dcfedb73ce5a54bf4ad7

  • SSDEEP

    192:gPDp6EHrINXIV5wZodcrBbPqnfmtbXj1sMtp6oqbOIJ1ameaR+HnX/0pflRs:gPDp6MkN4V5wU+qJa

Score
3/10

Malware Config

Signatures

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal/Config
    /tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal/Config
    1⤵
    • Writes file to tmp directory
    PID:716
    • /bin/hostname
      hostname
      2⤵
        PID:719
      • /usr/bin/clear
        clear
        2⤵
          PID:722
        • /bin/more
          more .CHANGES.NEW
          2⤵
            PID:729
          • /usr/bin/clear
            clear
            2⤵
              PID:732
            • /bin/more
              more .RELEASE.NOTES
              2⤵
                PID:734
              • /usr/bin/clear
                clear
                2⤵
                  PID:735
                • /bin/rm
                  rm -f config.settings
                  2⤵
                    PID:738
                  • /bin/cat
                    cat
                    2⤵
                      PID:739
                    • /tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal/configure
                      ./configure --enable-hub "--with-listen=5" "--with-dpath=/tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal" "--with-spath=/tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal/src/ircd" "--with-nick-history=2000" "--with-sendq=3000000" "--with-bufferpool=18" "--with-hostname=debian9-mipsbe-20240611-en-1" "--with-permissions=0600" "--with-fd-setsize=1024" --enable-dynamic-linking
                      2⤵
                        PID:740
                      • /bin/cat
                        cat
                        2⤵
                          PID:741

                      Network

                      MITRE ATT&CK Matrix

                      Replay Monitor

                      Loading Replay Monitor...

                      Downloads

                      • /tmp/UnrealIRCD_1_.priv.ClearScreen/Unreal/config.settings
                        Filesize

                        406B

                        MD5

                        4d3747db7dad3cb3a0f45bb215e67b68

                        SHA1

                        e121dfd8cfd456d33d01c82fbd59b030179bc37e

                        SHA256

                        dca27f9cff51e7e9dfc863099484e7faa86d3b8f37545480520f327c60f86f29

                        SHA512

                        3d399093104c0fc0761c6e191797f84fd183b5bcde9796d9dd1635b96bff3f6bcdd1320f54dd8c5098d0ad10c87d86372f32bba9cb0bf5fc370209e5f274cb42

                        Download Submit