Overview

overview

10

Static

static

10

RIP_YOUR_PC_LOL.exe

debian-12-armhf

3

RIP_YOUR_PC_LOL.exe

debian-12-mipsel

3

RIP_YOUR_PC_LOL.exe

debian-9-armhf

3

RIP_YOUR_PC_LOL.exe

debian-9-mips

3

RIP_YOUR_PC_LOL.exe

debian-9-mipsel

3

RIP_YOUR_PC_LOL.exe

ubuntu-22.04-amd64

3

RIP_YOUR_PC_LOL.exe

ubuntu-24.04-amd64

3

Resubmissions

07-12-2024 03:49

241207-edgkzszrdj 10

04-12-2024 22:38

241204-2kv4aa1jgn 10

04-12-2024 20:49

241204-zl1ztawnfk 10

04-12-2024 20:48

241204-zlmgeszrbt 10

04-12-2024 19:23

241204-x3662sspbq 10

04-12-2024 19:14

241204-xxpd2sslem 10

19-07-2024 04:07

240719-epssdsvgkf 10

17-07-2024 17:11

240717-vqak7szhjl 10

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    04-12-2024 22:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RIP_YOUR_PC_LOL.exe

  • Size

    22.5MB

  • MD5

    52867174362410d63215d78e708103ea

  • SHA1

    7ae4e1048e4463a4201bdeaf224c5b6face681bf

  • SHA256

    37d8e1ce3b6e6488942717aa78cb54785edc985143bcc8d9ba9f42d73a3dbd7a

  • SHA512

    89e17e147d3f073e479e85d0b0321f6264bbc2aa84c930ed645e8f5cde3f1e58812c3db1ba0f10bee6ce7ac0731e1e3de6747a9b3c4d63a564dd8d904bd726ab

  • SSDEEP

    393216:HJLgf7BPkdKzrZciLxv8naSNtPr5rn57M84UTB9xO5/VWvJKJPkwdnfZ4y5SDkFV:poBPQwxMR7pn5qUTB9xOFVWvJKJPkwd9

Score
3/10
discovery

Malware Config

Signatures

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

    discovery
  • System Network Configuration Discovery 1 TTPs 1 IoCs

    Adversaries may gather information about the network configuration of a system.

    discovery

Processes

  • /usr/bin/apt
    apt install "wine;" wine /tmp/RIP_YOUR_PC_LOL.exe
    1⤵
    • Reads runtime system information
    • System Network Configuration Discovery
    PID:2475
    • /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      2⤵
      • Reads runtime system information
      PID:2477
    • /usr/bin/dpkg
      /usr/bin/dpkg --print-foreign-architectures
      2⤵
      • Reads runtime system information
      PID:2478

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads