General
Target
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Size
198B
Sample
241114-dphfzsxlhp
MD5
bf2374b8c6298e3b02141b50c16c3986
SHA1
f45d99d3b235b13a932f8b5c06d53ca2f230c0b2
SHA256
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0
SHA512
c7b2ffcab25f6d46b5db46cb5f99f1998a5b7e743ce860f22e52c30ec9ed6eef5e205ddff847905b0a8f7c53136956cadf84917182fba3d3007acc99b0a1340b
Static task
static1
Behavioral task
behavioral1
Sample
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Resource
ubuntu1804-amd64-20240508-en
Behavioral task
behavioral2
Sample
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Resource
debian9-mipsbe-20240611-en
Behavioral task
behavioral4
Sample
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Resource
debian9-mipsel-20240611-en
Malware Config
Targets
Target
d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown
Score
7/10
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Deletes itself
-
Executes dropped EXE
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads process memory
Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.