0de9266af49aab24256c289d39e86649d978d5a4c9d0ff2041a22140b88ea688

Submit
Reports

Overview

overview

Static

static

.systemd/.i686

ubuntu-22.04-amd64

.systemd/.run

ubuntu-18.04-amd64

.systemd/.run

debian-9-armhf

.systemd/.run

debian-9-mips

.systemd/.run

debian-9-mipsel

.systemd/.x86_64

ubuntu-24.04-amd64

.systemd/auto

ubuntu-18.04-amd64

.systemd/auto

debian-9-armhf

.systemd/auto

debian-9-mips

.systemd/auto

debian-9-mipsel

.systemd/clean

ubuntu-18.04-amd64

.systemd/clean

debian-9-armhf

.systemd/clean

debian-9-mips

.systemd/clean

debian-9-mipsel

.systemd/go

ubuntu-18.04-amd64

.systemd/go

debian-9-armhf

.systemd/go

debian-9-mips

.systemd/go

debian-9-mipsel

.systemd/ntpdate

ubuntu-18.04-amd64

.systemd/ntpdate

debian-9-armhf

.systemd/ntpdate

debian-9-mips

.systemd/ntpdate

debian-9-mipsel

.update/.i686

ubuntu-20.04-amd64

.update/.run

ubuntu-18.04-amd64

.update/.run

debian-9-armhf

.update/.run

debian-9-mips

.update/.run

debian-9-mipsel

.update/.x86_64

ubuntu-22.04-amd64

.update/auth

ubuntu-18.04-amd64

.update/auth

debian-9-armhf

.update/auth

debian-9-mips

.update/auth

debian-9-mipsel

Analysis

max time kernel
1s
platform
debian-9_armhf
resource
debian9-armhf-20240611-en
resource tags

arch:armhfimage:debian9-armhf-20240611-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
submitted
08-11-2024 11:36

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

1 signatures

Behavioral task

behavioral1

Sample

.systemd/.i686

Resource

ubuntu2204-amd64-20240611-en

discovery

ubuntu-22.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

.systemd/.run

Resource

ubuntu1804-amd64-20240508-en

discovery upx

ubuntu-18.04-amd64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

.systemd/.run

Resource

debian9-armhf-20240611-en

discovery

debian-9-armhf

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

.systemd/.run

Resource

debian9-mipsbe-20240729-en

discovery

debian-9-mips

4 signatures

150 seconds

Behavioral task

behavioral5

Sample

.systemd/.run

Resource

debian9-mipsel-20240611-en

discovery

debian-9-mipsel

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

.systemd/.x86_64

Resource

ubuntu2404-amd64-20240523-en

kaiten botnet discovery

ubuntu-24.04-amd64

6 signatures

150 seconds

Behavioral task

behavioral7

Sample

.systemd/auto

Resource

ubuntu1804-amd64-20240508-en

defense_evasion execution persistence privilege_escalatio

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

.systemd/auto

Resource

debian9-armhf-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-armhf

4 signatures

150 seconds

Behavioral task

behavioral9

Sample

.systemd/auto

Resource

debian9-mipsbe-20240729-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mips

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

.systemd/auto

Resource

debian9-mipsel-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mipsel

4 signatures

150 seconds

Behavioral task

behavioral11

Sample

.systemd/clean

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

.systemd/clean

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

.systemd/clean

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

.systemd/clean

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

.systemd/go

Resource

ubuntu1804-amd64-20240729-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

.systemd/go

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

.systemd/go

Resource

debian9-mipsbe-20240729-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

.systemd/go

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

.systemd/ntpdate

Resource

ubuntu1804-amd64-20240611-en

defense_evasion discovery execution persistence privilege_escalatio upx

ubuntu-18.04-amd64

8 signatures

150 seconds

Behavioral task

behavioral20

Sample

.systemd/ntpdate

Resource

debian9-armhf-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-armhf

7 signatures

150 seconds

Behavioral task

behavioral21

Sample

.systemd/ntpdate

Resource

debian9-mipsbe-20240611-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mips

8 signatures

150 seconds

Behavioral task

behavioral22

Sample

.systemd/ntpdate

Resource

debian9-mipsel-20240418-en

defense_evasion discovery execution persistence privilege_escalatio

debian-9-mipsel

8 signatures

150 seconds

Behavioral task

behavioral23

Sample

.update/.i686

Resource

ubuntu2004-amd64-20240611-en

antivm discovery execution persistence privilege_escalatio

ubuntu-20.04-amd64

11 signatures

150 seconds

Behavioral task

behavioral24

Sample

.update/.run

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

.update/.run

Resource

debian9-armhf-20240729-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

.update/.run

Resource

debian9-mipsbe-20240729-en

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

.update/.run

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

.update/.x86_64

Resource

ubuntu2204-amd64-20240611-en

xmrig antivm discovery execution miner persistence privilege_escalatio

ubuntu-22.04-amd64

14 signatures

150 seconds

Behavioral task

behavioral29

Sample

.update/auth

Resource

ubuntu1804-amd64-20240508-en

discovery persistence privilege_escalation

ubuntu-18.04-amd64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

.update/auth

Resource

debian9-armhf-20240611-en

discovery persistence privilege_escalation

debian-9-armhf

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

.update/auth

Resource

debian9-mipsbe-20240611-en

discovery persistence privilege_escalation

debian-9-mips

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

.update/auth

Resource

debian9-mipsel-20240729-en

discovery persistence privilege_escalation

debian-9-mipsel

3 signatures

150 seconds

Report Analysis Logs

General

Target

.systemd/go
Size

535B
MD5

9066e6a118c61eb95d8c9a0b0b85e98c
SHA1

4fdd4b943c477fb46cbb3643d3388bda1988996e
SHA256

85818b573931ee3af0b7290e11a300bf0d0720db8f7db44815bab20bbe4a6413
SHA512

5c472bea5f8fedcb90fb96b5b840b7edbfb211a1f04bea831def58a3691dc8b740ee5b06481ea147eabdad2ad5f51123016792c4b372b356315e6d7b12bb00e0

Score

1^/10

Malware Config

Signatures

Processes

/tmp/.systemd/go
/tmp/.systemd/go
1⤵
PID:675
- /tmp/.systemd/auto
  ./auto
  2⤵
  PID:679
- /tmp/.systemd/ntpdate
  ./ntpdate
  2⤵
  PID:683
- /tmp/.systemd/.run
  ./.run
  2⤵
  PID:684
- /tmp/.systemd/clean
  ./clean
  2⤵
  PID:685

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads